Saturday, July 23, 2022

Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

Lightning Framework is a new undetected Swiss Army Knife-like Linux malware that has modular plugins and the ability to install rootkits. Year after year Linux environments increasingly become the target of malware due to continued threat actor interest in the… Read more → The post Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡ first appeared on IT Security News.
https://www.itsecuritynews.info/lightning-framework-new-undetected-swiss-army-knife-linux-malware-%e2%9a%a1-95/?utm_source=dlvr.it&utm_medium=blogger&utm_campaign=lightning-framework-new-undetected-swiss-army-knife-linux-malware-%25e2%259a%25a1-95

Microsoft Resumes Blocking Office VBA Macros by Default After 'Temporary Pause'

Microsoft has officially resumed blocking Visual Basic for Applications (VBA) macros by default across Office apps, weeks after temporarily announcing plans to roll back the change. "Based on our review of customer feedback, we've made updates to both our end user and our IT admin documentation to make clearer what options you have for different scenarios," the company said in an update on July
https://thehackernews.com/2022/07/microsoft-resumes-blocking-office-vba.html?utm_source=dlvr.it&utm_medium=blogger

Friday, July 22, 2022

Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware ⚡

Lightning Framework is a new undetected Swiss Army Knife-like Linux malware that has modular plugins and the ability to install rootkits. Year after year Linux environments increasingly become the target of malware due to continued threat actor interest in the…
https://www.itsecuritynews.info/lightning-framework-new-undetected-swiss-army-knife-linux-malware-%e2%9a%a1-52/?utm_source=dlvr.it&utm_medium=blogger&utm_campaign=lightning-framework-new-undetected-swiss-army-knife-linux-malware-%25e2%259a%25a1-52

Candiru Spyware Caught Exploiting Google Chrome Zero-Day to Target Journalists

The actively exploited but now-fixed Google Chrome zero-day flaw that came to light earlier this month was weaponized by an Israeli spyware company and used in attacks targeting journalists in the Middle East. Czech cybersecurity firm Avast linked the exploitation to Candiru (aka Saito Tech), which has a history of leveraging previously unknown flaws to deploy a Windows malware dubbed
https://thehackernews.com/2022/07/candiru-spyware-caught-exploiting.html?utm_source=dlvr.it&utm_medium=blogger

Hackers Steal Over 50,000 Payment Card Records Using E-Skimmer From Over 300 Restaurants

Two web-skimming Magecart campaigns that targeted three different online ordering platforms have stolen payment card details from more than 310 restaurants. It was determined that in total, 50,000 payment cards were taken, and as a result, they are already in the process of being sold on a number of dark-web marketplaces.  When an online shopper […] The post Hackers Steal Over 50,000 Payment Card Records Using E-Skimmer From Over 300 Restaurants appeared first on Cyber Security News.
https://cybersecuritynews.com/hackers-steal-over-50000-payment-card-records-using-e-skimmer/?utm_source=dlvr.it&utm_medium=blogger

The New Weak Link in SaaS Security: Devices

Typically, when threat actors look to infiltrate an organization's SaaS apps, they look to SaaS app misconfigurations as a means of entry. However, employees now use their personal devices, whether their phones or laptops, etc., to get their jobs done. If the device's hygiene is not up to par, it increases the risk for the organization and widens the attack surface for bad actors. And so,
https://thehackernews.com/2022/07/the-new-weak-link-in-saas-security.html?utm_source=dlvr.it&utm_medium=blogger

Thursday, July 21, 2022

Atlassian Rolls Out Security Patch for Critical Confluence Vulnerability

Atlassian has rolled out fixes to remediate a critical security vulnerability pertaining to the use of hard-coded credentials affecting the Questions For Confluence app for Confluence Server and Confluence Data Center. The flaw, tracked as CVE-2022-26138, arises when the app in question is enabled on either of two services, causing it to create a Confluence user account with the username "
https://thehackernews.com/2022/07/atlassian-releases-patch-for-critical.html?utm_source=dlvr.it&utm_medium=blogger

FBI Seizes $500,000 Ransomware Payments and Crypto from North Korean Hackers

The U.S. Department of Justice (DoJ) has announced the seizure of $500,000 worth of Bitcoin from North Korean hackers who extorted digital payments from several organizations by using a new ransomware strain known as Maui. "The seized funds include ransoms paid by healthcare providers in Kansas and Colorado," the DoJ said in a press release issued Tuesday. The recovery of the bitcoin ransoms
https://thehackernews.com/2022/07/fbi-seizes-500000-ransomware-payments.html?utm_source=dlvr.it&utm_medium=blogger

Cynomi Automated Virtual CISO (vCISO) Platform for Service Providers

Growing cyber threats, tightening regulatory demands and strict cyber insurance requirements are driving small to medium-sized enterprises demand for strategic cybersecurity and compliance guidance and management. Since most companies this size don't have in-house CISO expertise – the demand for virtual CISO (vCISO) services is also growing. Yet current vCISO services models still rely on manual
https://thehackernews.com/2022/07/cynomi-automated-virtual-ciso-vciso.html?utm_source=dlvr.it&utm_medium=blogger

FBI Warns of Fake Cryptocurrency apps to Steal Funds from Investors

The US security agency, FBI (Federal Bureau of Investigation) has issued a warning today that overseas investors (specifically US-based) have been targeted by cybercriminals who are stealing funds using fraudulent cryptocurrency investment applications. It is estimated that approximately $42.7 million has already been stolen from 244 victims to date by cybercriminals, as per the US […]
https://cybersecuritynews.com/fbi-warns-of-fake-cryptocurrency-apps/?utm_source=dlvr.it&utm_medium=blogger

This Cloud Botnet Has Hijacked 30,000 Systems to Mine Cryptocurrencies

The 8220 cryptomining group has expanded in size to encompass as many as 30,000 infected hosts, up from 2,000 hosts globally in mid-2021. "8220 Gang is one of the many low-skill crimeware gangs we continually observe infecting cloud hosts and operating a botnet and cryptocurrency miners through known vulnerabilities and remote access brute forcing infection vectors," Tom Hegel of SentinelOne 
https://thehackernews.com/2022/07/this-cloud-botnet-has-hijacked-30000.html?utm_source=dlvr.it&utm_medium=blogger

Wednesday, July 20, 2022

Unpatched GPS Tracker Bugs Could Let Attackers Disrupt Vehicles Remotely

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of a handful of unpatched security vulnerabilities in MiCODUS MV720 Global Positioning System (GPS) trackers outfitted in over 1.5 million vehicles that could lead to remote disruption of critical operations. "Successful exploitation of these vulnerabilities may allow a remote actor to exploit access and gain control of
https://thehackernews.com/2022/07/unpatched-gps-tracker-bugs-could-let.html?utm_source=dlvr.it&utm_medium=blogger

Dealing With Alert Overload? There's a Guide For That

The Great Resignation – or the Great Reshuffle as some are calling it – and the growing skills gap have been dominating headlines lately. But these issues aren't new to the cybersecurity industry. While many are just now hearing about employee burnout, security teams have faced reality and serious consequences of burnout for years.  One of the biggest culprits? Alert overload.  The average
https://thehackernews.com/2022/07/dealing-with-alert-overload-theres.html?utm_source=dlvr.it&utm_medium=blogger

Russian Hackers Tricked Ukrainians with Fake "DoS Android Apps to Target Russia"

Russian threat actors capitalized on the ongoing conflict against Ukraine to distribute Android malware camouflaged as an app for pro-Ukrainian hacktivists to launch distributed denial-of-service (DDoS) attacks against Russian sites. Google Threat Analysis Group (TAG) attributed the malware to Turla, an advanced persistent threat also known as Krypton, Venomous Bear, Waterbug, and Uroburos, and
https://thehackernews.com/2022/07/russian-hackers-tricked-ukrainians-with.html?utm_source=dlvr.it&utm_medium=blogger

New Air-Gap Attack Uses SATA Cable as an Antenna to Transfer Radio Signals

A new method devised to leak information and jump over air-gaps takes advantage of Serial Advanced Technology Attachment (SATA) or Serial ATA cables as a communication medium, adding to a long list of electromagnetic, magnetic, electric, optical, and acoustic methods already demonstrated to plunder data. "Although air-gap computers have no wireless connectivity, we show that attackers can use
https://thehackernews.com/2022/07/new-air-gap-attack-uses-sata-cable-as.html?utm_source=dlvr.it&utm_medium=blogger

Are You Aware of the Top Email Threats to Protect Against Today?

Given the growing volumes of emails received every day, people do not have the time to devote to every email and fall prey to email threats. This has made emails the most popular attack vector. So, what are the common email threats today? Read on to find out. 13 Email Threats to Know About and […]
https://cybersecuritynews.com/13-email-threats/?utm_source=dlvr.it&utm_medium=blogger

Tuesday, July 19, 2022

Several New Play Store Apps Spotted Distributing Joker, Facestealer and Coper Malware

Google has taken steps to ax dozens of fraudulent apps from the official Play Store that were spotted propagating Joker, Facestealer, and Coper malware families through the virtual marketplace. While the Android storefront is considered to be a trusted source for discovering and installing apps, bad actors have repeatedly found ways to sneak past security barriers erected by Google in hopes of
https://thehackernews.com/2022/07/several-new-play-store-apps-spotted.html?utm_source=dlvr.it&utm_medium=blogger

Pegasus Spyware Used to Hack Devices of Pro-Democracy Activists in Thailand

Thai activists involved in the country's pro-democracy protests have had their smartphones infected with the infamous Pegasus government-sponsored spyware. At least 30 individuals, spanning activists, academics, lawyers, and NGO workers, are believed to have been targeted between October 2020 and November 2021, many of whom have been previously detained, arrested and imprisoned for their
https://thehackernews.com/2022/07/pegasus-spyware-used-to-hack-devices-of.html?utm_source=dlvr.it&utm_medium=blogger

Experts Notice Sudden Surge in Exploitation of WordPress Page Builder Plugin Vulnerability

Researchers from Wordfence have sounded the alarm about a "sudden" spike in cyber attacks attempting to exploit an unpatched flaw in a WordPress plugin called Kaswara Modern WPBakery Page Builder Addons. Tracked as CVE-2021-24284, the issue is rated 10.0 on the CVSS vulnerability scoring system and relates to an unauthenticated arbitrary file upload that could be abused to gain code execution,
https://thehackernews.com/2022/07/experts-notice-sudden-surge-in.html?utm_source=dlvr.it&utm_medium=blogger

Mind the Gap – How to Ensure Your Vulnerability Detection Methods are up to Scratch

With global cybercrime costs expected to reach $10.5 trillion annually by 2025, it comes as little surprise that the risk of attack is companies' biggest concern globally. To help businesses uncover and fix the vulnerabilities and misconfigurations affecting their systems, there is an (over)abundance of solutions available.  But beware, they may not give you a full and continuous view of your
https://thehackernews.com/2022/07/mind-gap-how-to-ensure-your.html?utm_source=dlvr.it&utm_medium=blogger

How To Manage Cybersecurity Risk In The Age Of Information Overload

Managing cybersecurity risk in the Information Age is no easy feat. Each day, we’re bombarded with news of increasingly sophisticated cyber threats and attacks. Nefarious actors are exploiting vulnerabilities in our systems and networks, and businesses are struggling to keep up. Now, business leaders are commonly choosing to register in a cyber security course to better prepare […]
https://cybersecuritynews.com/how-to-manage-cybersecurity-risk-in-the-age-of-information-overload-2/?utm_source=dlvr.it&utm_medium=blogger

Monday, July 18, 2022

All Free Red Teaming Tools & Simulation Toolkit For Red Team Operations 2022

We are bringing here a collection of open-source and commercial Red Team tools that aid in red team operations. This repository will help you with the majority part of red team engagement. You can also join the Certified Red Team Expert program to become a master in red team operation and understand real-world attacks. Read Team […]
https://cybersecuritynews.com/free-red-teaming-tools/?utm_source=dlvr.it&utm_medium=blogger

Software developers, how secure is your software ?

If you develop software, then a Secure Software Development Lifecycle (SSDL) process must be used starting from design, during the implementation, testing, deployment and ends when the product reaches its end of life. Do not forget also about the software…
https://www.itsecuritynews.info/software-developers-how-secure-is-your-software-8/?utm_source=dlvr.it&utm_medium=blogger&utm_campaign=software-developers-how-secure-is-your-software-8

Graff paid a $7.5M ransom and sued its insurance firm for refusing to cover this payment

The high-end British jeweler Graff paid a £6 million ransom after the ransomware attack it suffered in 2021. In September 2021, the Conti ransomware gang hit high society jeweler Graff and threatened to release private details of world leaders, actors…
https://www.itsecuritynews.info/graff-paid-a-7-5m-ransom-and-sued-its-insurance-firm-for-refusing-to-cover-this-payment/?utm_source=dlvr.it&utm_medium=blogger&utm_campaign=graff-paid-a-7-5m-ransom-and-sued-its-insurance-firm-for-refusing-to-cover-this-payment

New Android Malware on the Google Play Store with Over 3 Million Downloads

A new Android malware called ‘Autolycos’ installed over 3 million times is surfing on the Google Play Store by secretly subscribing users to its premium services. Maxime Ingrao, Security Researcher from Evina found the new android malware ‘Autolycos’, which is…
https://www.itsecuritynews.info/new-android-malware-on-the-google-play-store-with-over-3-million-downloads/?utm_source=dlvr.it&utm_medium=blogger&utm_campaign=new-android-malware-on-the-google-play-store-with-over-3-million-downloads

Juniper Releases Patches for Critical Flaws in Junos OS and Contrail Networking

Juniper Networks has pushed security updates to address several vulnerabilities affecting multiple products, some of which could be exploited to seize control of affected systems. The most critical of the flaws affect Junos Space and Contrail Networking, with the tech company urging…
https://www.itsecuritynews.info/juniper-releases-patches-for-critical-flaws-in-junos-os-and-contrail-networking/?utm_source=dlvr.it&utm_medium=blogger&utm_campaign=juniper-releases-patches-for-critical-flaws-in-junos-os-and-contrail-networking

Sunday, July 17, 2022

Week in review: Kali Linux gets on Linode, facial recognition defeated, Log4j exploitation

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Dealing with threats and preventing sensitive data loss Recently, Normalyze, a data-first cloud security platform, came out of stealth with $22.2M in Series A funding.…
https://www.itsecuritynews.info/week-in-review-kali-linux-gets-on-linode-facial-recognition-defeated-log4j-exploitation/?utm_source=dlvr.it&utm_medium=blogger&utm_campaign=week-in-review-kali-linux-gets-on-linode-facial-recognition-defeated-log4j-exploitation

Pakistani APT Hackers Attack Indian Education Institutes & Students With New Malware

Recently, Cisco Talos discovered that the Transparent Tribe APT group is engaged in an ongoing malicious campaign. APT hackers from Pakistan have carried out a malicious campaign against several educational institutions located throughout India in order to inflict harm on students. In this ongoing active campaign, the APT is also targeting civilian users within its […]
https://cybersecuritynews.com/pakistani-apt-hackers-attack-indian-education-institutes-students-with-new-malware/?utm_source=dlvr.it&utm_medium=blogger

Saturday, July 16, 2022

Eskimi – 1,197,620 breached accounts

In late 2020, the AdTech platform Eskimi suffered a data breach that exposed 26M records with 1.2M unique email addresses. The data included usernames, dates of birth, genders and passwords stored as unsalted MD5 hashes.
https://www.itsecuritynews.info/eskimi-1197620-breached-accounts/?utm_source=dlvr.it&utm_medium=blogger&utm_campaign=eskimi-1197620-breached-accounts

Four Steps to Using Metrics to Defend Your Security Budget

By Diana-Lynn Contesti (Chief Architect, CISSP-ISSAP, ISSMP, CSSLP, SSCP), and Richard Nealon (Senior Security Consultant, CISSP-ISSMP, SSCP, SABSA SCF) Ever find yourself in a struggle to defend your security budget or to introduce a change? This guide is a baseline to help…
https://www.itsecuritynews.info/four-steps-to-using-metrics-to-defend-your-security-budget-3/?utm_source=dlvr.it&utm_medium=blogger&utm_campaign=four-steps-to-using-metrics-to-defend-your-security-budget-3

Haystack Secure Delivery protects sensitive and proprietary internal communications

Haystack announced Secure Delivery, a feature that deters unattributed, unauthorized sharing of sensitive information and keeps internal communications internal. “Taking an email out of context can be disastrous. Leaking company information can be even more damaging. Organizations can now rest…
https://www.itsecuritynews.info/haystack-secure-delivery-protects-sensitive-and-proprietary-internal-communications/?utm_source=dlvr.it&utm_medium=blogger&utm_campaign=haystack-secure-delivery-protects-sensitive-and-proprietary-internal-communications

Keysight Cyber Training Simulator enables students to develop their skills in a realistic environment

Keysight Technologies has introduced Keysight Cyber Training Simulator (KCTS), a comprehensive, turnkey cyber range that simulates real-world traffic using the company’s BreakingPoint solution. With cybercrime on the rise and cybersecurity professionals difficult to find, organizations are at risk. Consequently, cybersecurity…
https://www.itsecuritynews.info/keysight-cyber-training-simulator-enables-students-to-develop-their-skills-in-a-realistic-environment/?utm_source=dlvr.it&utm_medium=blogger&utm_campaign=keysight-cyber-training-simulator-enables-students-to-develop-their-skills-in-a-realistic-environment

New Cache Side Channel Attack Can De-Anonymize Targeted Online Users

A group of academics from the New Jersey Institute of Technology (NJIT) has warned of a novel technique that could be used to defeat anonymity protections and identify a unique website visitor. "An attacker who has complete or partial control over a website can learn whether a specific target (i.e., a unique individual) is browsing the website," the researchers said. "The attacker knows this
https://thehackernews.com/2022/07/new-cache-side-channel-attack-can-de.html?utm_source=dlvr.it&utm_medium=blogger

Friday, July 15, 2022

North Korean Hackers Targeting Small and Midsize Businesses with H0lyGh0st Ransomware

An emerging threat cluster originating from North Korea has been linked to developing and using ransomware in cyberattacks targeting small businesses since September 2021. The group, which calls itself H0lyGh0st after the ransomware payload of the same name, is being tracked by the Microsoft Threat Intelligence Center under the moniker DEV-0530, a designation assigned for unknown, emerging, or a
https://thehackernews.com/2022/07/north-korean-hackers-targeting-small.html?utm_source=dlvr.it&utm_medium=blogger

Meet Mantis – the tiny shrimp that launched 3,000 DDoS attacks

Watch out for deadly pinchers after that record-breaking attack. The botnet behind the largest-ever HTTPS-based distributed-denial-of-service (DDoS) attack has been named after a tiny shrimp.… This article has been indexed from The Register – Security.
https://www.itsecuritynews.info/meet-mantis-the-tiny-shrimp-that-launched-3000-ddos-attacks-2/?utm_source=dlvr.it&utm_medium=blogger&utm_campaign=meet-mantis-the-tiny-shrimp-that-launched-3000-ddos-attacks-2

Mantis Botnet Behind the Largest HTTPS DDoS Attack Targeting Cloudflare Customers

The botnet behind the largest HTTPS distributed denial-of-service (DDoS) attack in June 2022 has been linked to a spate of attacks aimed at nearly 1,000 Cloudflare customers. Calling the powerful botnet Mantis, the web performance and security company attributed it to…
https://www.itsecuritynews.info/mantis-botnet-behind-the-largest-https-ddos-attack-targeting-cloudflare-customers/?utm_source=dlvr.it&utm_medium=blogger&utm_campaign=mantis-botnet-behind-the-largest-https-ddos-attack-targeting-cloudflare-customers

New infosec products of the week: July 15, 2022

Here’s a look at the most interesting products from the past week, featuring releases from Deloitte, Flashpoint, CertiK, CyberArk, and N-able. Flashpoint Automate accelerates repeatable security-related processes Combined with the Flashpoint Intelligence Platform, Flashpoint Automate’s capabilities provide security teams with…
https://www.itsecuritynews.info/new-infosec-products-of-the-week-july-15-2022/?utm_source=dlvr.it&utm_medium=blogger&utm_campaign=new-infosec-products-of-the-week-july-15-2022

Mantis Botnet Behind the Largest HTTPS DDoS Attack Targeting Cloudflare Customers

The botnet behind the largest HTTPS distributed denial-of-service (DDoS) attack in June 2022 has been linked to a spate of attacks aimed at nearly 1,000 Cloudflare customers. Calling the powerful botnet Mantis, the web performance and security company attributed it to more than 3,000 HTTP DDoS attacks against its users. The most attacked industry verticals include internet and telecom, media,
https://thehackernews.com/2022/07/mantis-botnet-behind-largest-https-ddos.html?utm_source=dlvr.it&utm_medium=blogger

Thursday, July 14, 2022

Pakistani Hackers Targeting Indian Students in Latest Malware Campaign

The advanced persistent threat (APT) group known as Transparent Tribe has been attributed to a new ongoing phishing campaign targeting students at various educational institutions in India at least since December 2021. "This new campaign also suggests that the APT is actively expanding its network of victims to include civilian users," Cisco Talos said in a report shared with The Hacker News.
https://thehackernews.com/2022/07/pakistani-hackers-targeting-indian.html?utm_source=dlvr.it&utm_medium=blogger

Wednesday, July 13, 2022

New 'Retbleed' Speculative Execution Attack Affects AMD and Intel CPUs

Security researchers have uncovered yet another vulnerability affecting numerous older AMD and Intel microprocessors that could bypass current defenses and result in Spectre-based speculative-execution attacks. Dubbed Retbleed by ETH Zurich researchers Johannes Wikner and Kaveh Razavi, the issues are tracked as CVE-2022-29900 (AMD) and CVE-2022-29901 (Intel), with the chipmakers releasing 
https://thehackernews.com/2022/07/new-retbleed-speculative-execution.html?utm_source=dlvr.it&utm_medium=blogger

Large-Scale Phishing Campaign Bypasses MFA

Attackers used adversary-in-the-middle attacks to steal passwords, hijack sign-in sessions and skip authentication and then use victim mailboxes to launch BEC attacks against other targets. This article has been indexed from Threatpost.
https://www.itsecuritynews.info/large-scale-phishing-campaign-bypasses-mfa/?utm_source=dlvr.it&utm_medium=blogger&utm_campaign=large-scale-phishing-campaign-bypasses-mfa

New UEFI Firmware Vulnerabilities Impact Several Lenovo Notebook Models

Consumer electronics maker Lenovo on Tuesday rolled out fixes to contain three security flaws in its UEFI firmware affecting over 70 product models. "The vulnerabilities can be exploited to achieve arbitrary code execution in the early phases of the platform boot, possibly allowing the attackers to hijack the OS execution flow and disable some important security features," Slovak cybersecurity
https://thehackernews.com/2022/07/new-uefi-firmware-vulnerabilities.html?utm_source=dlvr.it&utm_medium=blogger

Researchers Uncover New Attempts by Qakbot Malware to Evade Detection

The operators behind the Qakbot malware are transforming their delivery vectors in an attempt to sidestep detection. "Most recently, threat actors have transformed their techniques to evade detection by using ZIP file extensions, enticing file names with common formats, and Excel (XLM) 4.0 to trick victims into downloading malicious attachments that install Qakbot," Zscaler Threatlabz
https://thehackernews.com/2022/07/researchers-uncover-new-attempts-by.html?utm_source=dlvr.it&utm_medium=blogger

Microsoft Releases Fix for Zero-Day Flaw in July 2022 Security Patch Rollout

Microsoft released its monthly round of Patch Tuesday updates to address 84 new security flaws spanning multiple product categories, counting a zero-day vulnerability that's under active attack in the wild. Of the 84 shortcomings, four are rated Critical, and 80 are rated Important in severity. Also separately resolved by the tech giant are two other bugs in the Chromium-based Edge browser, one
https://thehackernews.com/2022/07/microsoft-releases-fix-for-zero-day.html?utm_source=dlvr.it&utm_medium=blogger

Tuesday, July 12, 2022

Out of Date Risk Assessment Intel is Damaging Company Security says Armis

With results from more than 100 professionals in cybersecurity, Armis released a survey that explored the risks and struggles within the industry as the environment changes. As the landscape of cybersecurity changes rapidly, security intel being reported to companies may…
https://www.itsecuritynews.info/out-of-date-risk-assessment-intel-is-damaging-company-security-says-armis/?utm_source=dlvr.it&utm_medium=blogger&utm_campaign=out-of-date-risk-assessment-intel-is-damaging-company-security-says-armis

TikTok Postpones Privacy Policy Update in Europe After Italy Warns of GDPR Breach

Popular video-sharing platform TikTok on Tuesday agreed to pause a controversial privacy policy update that could have allowed it to serve targeted ads based on users' activity on the social video platform without their permission to do so. The reversal, reported by TechCrunch, comes a day after the Italian data protection authority — the Garante per la Protezione dei Dati Personali — warned the
https://thehackernews.com/2022/07/tiktok-postpones-privacy-policy-update.html?utm_source=dlvr.it&utm_medium=blogger

Avoiding Death by a Thousand Scripts: Using Automated Content Security Policies

Businesses know they need to secure their client-side scripts. Content security policies (CSPs) are a great way to do that. But CSPs are cumbersome. One mistake and you have a potentially significant client-side security gap. Finding those gaps means long and tedious hours (or days) in manual code reviews through thousands of lines of script on your web applications. Automated content security
https://thehackernews.com/2022/07/avoiding-death-by-thousand-scripts.html?utm_source=dlvr.it&utm_medium=blogger

🚀 Launching Autonomous SecOps (Your Virtual, Algorithm-Driven Tier 1 SOC Team)

We are helping security teams go beyond individual file analysis to automate their entire Endpoint and Email alert triage processes with our new dashboard. Autonomous SecOps provides a better, more affordable alternative to in-house Tier 1 teams or external Managed…
https://www.itsecuritynews.info/%f0%9f%9a%80-launching-autonomous-secops-your-virtual-algorithm-driven-tier-1-soc-team-33/?utm_source=dlvr.it&utm_medium=blogger&utm_campaign=%25f0%259f%259a%2580-launching-autonomous-secops-your-virtual-algorithm-driven-tier-1-soc-team-33

Rozena Backdoor Malware Uses a Fileless Attack to Injecting Remote shell on Windows

In order to distribute a previously undocumented backdoor named Rozena on Windows systems, a phishing campaign has recently been observed that leverages the recently disclosed Follina vulnerability. The Microsoft Windows Support Diagnostic Tool (MSDT) is an application that is designed for remote code execution, resulting in a CVE-2022-30190 vulnerability that was published in May 2022. […]
https://cybersecuritynews.com/rozena-backdoor-malware/?utm_source=dlvr.it&utm_medium=blogger