Compromised plugins found on WordPress.org 2024-06-26 at 11:46 By Zeljka Zorz An unknown threat actor has compromised five (and possibly more) WordPress plugins and injected them with code that creates a new admin account, effectively allowing them complete control over WordPress installations / websites. “In addition, it appears the threat actor also injected malicious JavaScript […]
Compromised plugins found on WordPress.org Read More »
Future trends in cyber warfare: Predictions for AI integration and space-based operations 2024-06-26 at 06:36 By Mirko Zorz In this Help Net Security interview, Morgan Wright, Chief Security Advisor at SentinelOne, discusses how AI is utilized in modern cyber warfare by state and non-state actors. AI enhances decision-making speed and precision for state actors, facilitating
Progress quietly fixes MOVEit auth bypass flaws (CVE-2024-5805, CVE-2024-5806) 2024-06-25 at 21:16 By Zeljka Zorz Progress Software has patched one critical (CVE-2024-5805) and one high-risk (CVE-2024-5806) vulnerability in MOVEit, its widely used managed file transfer (MFT) software product. According to WatchTowr Labs researchers, the company has been privately instructing users to implement the hotfixes before
Progress quietly fixes MOVEit auth bypass flaws (CVE-2024-5805, CVE-2024-5806) Read More »
Ransomware disrupts Indonesia’s national data centre, LockBit gang claims US Federal Reserve breach 2024-06-25 at 14:46 By Zeljka Zorz Ransomware attackers wielding a LockBit variant dubbed Brain Cipher have disrupted a temporary national data center facility which supports the operations of 200+ Indonesian government agencies and public services. The attackers are asking for a $8
New security loophole allows spying on internet users’ online activity 2024-06-25 at 13:16 By Help Net Security Researchers at Graz University of Technology were able to spy on users’ online activities simply by monitoring fluctuations in the speed of their internet connection. This vulnerability, known as SnailLoad, does not require malicious code to exploit, and
New security loophole allows spying on internet users’ online activity Read More »
Zeek: Open-source network traffic analysis, security monitoring 2024-06-25 at 07:01 By Mirko Zorz Zeek is an open-source network analysis framework. Unlike an active security device such as a firewall, Zeek operates on a versatile ‘sensor’ that can be a hardware, software, virtual, or cloud platform. This flexibility allows Zeek to quietly monitor network traffic, interpret
Zeek: Open-source network traffic analysis, security monitoring Read More »
CISOs’ new ally: Qualys CyberSecurity Asset Management 3.0 2024-06-25 at 06:31 By Mirko Zorz In this Help Net Security interview, Kunal Modasiya, VP of Product Management and Growth at Qualys, explores the key features, significant advantages, and innovative technologies behind Qualys CyberSecurity Asset Management 3.0. Can you explain the key features of Qualys CyberSecurity Asset
CISOs’ new ally: Qualys CyberSecurity Asset Management 3.0 Read More »
Open-source Rafel RAT steals info, locks Android devices, asks for ransom 2024-06-24 at 14:46 By Zeljka Zorz The open-source Rafel RAT is being leveraged by multiple threat actors to compromise Android devices and, in some cases, to lock them, encrypt their contents, and demand money to restore the device to its original state. Check Point
Open-source Rafel RAT steals info, locks Android devices, asks for ransom Read More »
Why are threat actors faking data breaches? 2024-06-24 at 07:16 By Help Net Security Earlier this year Europcar discovered a hacker selling info on its 50 million customers on the dark web. The European car rental company immediately launched an investigation, only to discover that the data being sold was completely doctored, possibly using generative
Why are threat actors faking data breaches? Read More »
Securing the video market: From identification to disruption 2024-06-24 at 07:01 By Help Net Security Video piracy, a pressing issue often unnoticed in security discussions, is rising and demands immediate attention. In this Help Net Security video, Chris White, Chief Architect at Friend MTS, discusses monitoring, identifying, and disrupting piracy for the video market. He
Securing the video market: From identification to disruption Read More »
Intel-powered computers affected by serious firmware flaw (CVE-2024-0762) 2024-06-21 at 14:31 By Zeljka Zorz A vulnerability (CVE-2024-0762) in the Phoenix SecureCore UEFI, which runs on various Intel processors, could be exploited locally to escalate privileges and run arbitrary code within the firmware during runtime. “This type of low-level exploitation is typical of firmware backdoors (e.g.,
Intel-powered computers affected by serious firmware flaw (CVE-2024-0762) Read More »
US bans Kaspersky antivirus software due to national security risks 2024-06-21 at 13:01 By Zeljka Zorz The US Department of Commerce has announced an upcoming US-wide ban of cybersecurity and antivirus software by Kaspersky, as its “ability to gather valuable US business information, including intellectual property, and to gather US persons’ sensitive data for malicious
US bans Kaspersky antivirus software due to national security risks Read More »
Cilium: Open-source eBPF-based networking, security, observability 2024-06-21 at 07:01 By Help Net Security Cilium is an open-source, cloud-native solution that leverages eBPF technology in the Linux kernel to provide, secure, and monitor network connectivity between workloads. What is eBPF? eBPF is a technology originating from the Linux kernel that allows sandboxed programs to run in
Cilium: Open-source eBPF-based networking, security, observability Read More »
Crown Equipment cyberattack confirmed, manufacturing disrupted for weeks 2024-06-20 at 17:46 By Zeljka Zorz Ohio-based Crown Equipment, which is among the largest industrial and forklift truck manufacturers in the world, has become a victim of a cyberattack “by an international cybercriminal organization,” the company has finally confirmed to its employees on Tuesday. The confirmation came
Crown Equipment cyberattack confirmed, manufacturing disrupted for weeks Read More »
CDK Global cyberattack cripples 15,000 US auto dealerships 2024-06-20 at 13:46 By Zeljka Zorz CDK Global, a software-as-a-service (SaaS) provider for car dealers and auto equipment manufacturers, has suffered a cyberattack that has temporarily disrupted its customers’ operations. About CDK and its platform CDK’s platform is used by 15,000+ car dealerships across North America to
CDK Global cyberattack cripples 15,000 US auto dealerships Read More »
From passwords to passkeys: Enhancing security and user satisfaction 2024-06-20 at 07:01 By Mirko Zorz In this Help Net Security interview, Julianna Lamb, Stytch CTO, discusses the advantages of passwordless authentication. Eliminating passwords reduces data breaches and improves user experience by simplifying the login process. Lamb also addresses the technical challenges and economic implications of
From passwords to passkeys: Enhancing security and user satisfaction Read More »
Clever macOS malware delivery campaign targets cryptocurrency users 2024-06-19 at 14:16 By Zeljka Zorz Cryptocurrency users are being targeted with legitimate-looking but fake apps that deliver information-stealing malware instead, Recorder Future’s researchers are warning. The threat actor behind this complex scheme is going after both Windows and Mac users, and leverages social media and messaging
Clever macOS malware delivery campaign targets cryptocurrency users Read More »
SELKS: Open-source Suricata IDS/IPS, network security monitoring, threat hunting 2024-06-19 at 07:33 By Mirko Zorz SELKS is a free, open-source, turnkey solution for Suricata-based network intrusion detection and protection (IDS/IPS), network security monitoring (NSM), and threat hunting. The project is developed and maintained by Stamus Networks. SELKS is an effective production-grade solution for many small
SELKS: Open-source Suricata IDS/IPS, network security monitoring, threat hunting Read More »
Find out which cybersecurity threats organizations fear the most 2024-06-19 at 06:31 By Help Net Security This article compiles excerpts from various reports, presenting statistics and insights on cybersecurity threats faced by businesses and individuals alike. Cyber insurance isn’t the answer for ransom payments Veeam | 2024 Ransomware Trends Report | June 2024 Ransomware remains
Find out which cybersecurity threats organizations fear the most Read More »
Medibank breach: Security failures revealed (lack of MFA among them) 2024-06-18 at 17:31 By Zeljka Zorz The 2022 Medibank data breach / extortion attack perpetrated by the REvil ransomware group started by the attackers leveraging login credentials stolen from a private computer of an employee of a Medibank’s IT contractor. According to a statement by
Medibank breach: Security failures revealed (lack of MFA among them) Read More »