Key findings from ESET Threat Report H1 2023 – Week in security with Tony Anscombe

Here's how cybercriminals have adjusted their tactics in response to Microsoft's stricter security policies and other interesting findings from ESET's new Threat Report

The post Key findings from ESET Threat Report H1 2023 – Week in security with Tony Anscombe appeared first on WeLiveSecurity

Entitle Brings Fine-Grained Cloud Permissions Management Out of Stealth

The platform uses no-code policy workflows to automate the provisioning and revoking of permissions.

Google Delivers Record-Breaking $12M in Bug Bounties

Google's Android and Chrome Vulnerability Reward Programs (VRPs) in particular saw hundreds of valid reports and payouts for security vulnerabilities discovered by ethical hackers.

Google Translate Helps BEC Groups Scam Companies in Any Language

BEC gangs Midnight Hedgehog and Mandarin Capybara show how online marketing and translation tools are making it easy for these threat groups to scale internationally.

Descope Handles Authentication So Developers Don't Have To

Developers don't have to build authentication and user management from scratch, and can devote their energies to the core functions of the application, instead.

OT Network Security Myths Busted in a Pair of Hacks

How newly exposed security weaknesses in industrial wireless, cloud-based interfaces, and nested PLCs serve as a wake-up call for hardening the physical process control layer of the OT network.

Dark Web Revenue Down Dramatically After Hydra's Demise

Competitor markets working to replace Hydra's money-laundering services for cybercriminals.

Trickbot Members Sanctioned for Pandemic-Era Ransomware Hits

The US Treasury Department linked the notorious cybercrime gang to Russian Intelligence Services because cyberattacks that disrupted hospitals and other critical infrastructure align with Russian state interests.

Building Up IAM in a Multicloud World

In the cloud-first world, the security goal is to ensure only qualified users can access information across clouds.

Why Some Cloud Services Vulnerabilities Are So Hard to Fix

Five months after AWS customers were alerted about three vulnerabilities, nearly none had plugged the holes. The reasons why underline a need for change.

Crypto Drainers Are Ready to Ransack Investor Wallets

Cryptocurrency drainers are the latest hot ticket being used in a string of lucrative cyberattacks aimed at virtual currency investors.

Critical VMware RCE Vulnerabilities Targeted by Public Exploit Code

Security vulnerabilities in VMware's vRealize Log Insight platform can be chained together to offer a cybercriminals a gaping hole to access corporate crown jewels.

10M JD Sports Customers' Info Exposed in Data Breach

UK sportswear retailer asks exposed customers to stay "vigilant" against phishing attempts following cyberattack.

Enterprises Need to Do More to Assure Consumers About Privacy

Organizations care about data privacy, but their priorities appear to be different from what their customers think are important.

Why Most Companies Still Don’t Know What’s on Their Network

Chris Kirsch, CEO of runZero, sits down with Dark Reading’sTerry Sweeney for a Fast Chat on the importance of asset discovery.

A Child's Garden of Cybersecurity

Whether you dream of your child becoming a CISO or just want them to improve their security hygiene, consider this roundup of literary geekery.

Hive Ransomware Gang Loses Its Honeycomb, Thanks to DoJ

The US Department of Justice hacked into Hive's infrastructure, made off with hundreds of decryptors, and seized the gang's operations.

Ticketmaster Blames Bots in Taylor Swift 'Eras' Tour Debacle

Ticketmaster testified in the Senate that a cyberattack was to blame for the high-profile Taylor Swift concert sales collapse, but some senators aren't so sure.

T-Mobile Breached Again, This Time Exposing 37M Customers' Data

This time around, weak API security allowed a threat actor to access account information, the mobile phone giant reported.

Compromised Zendesk Employee Credentials Lead to Breach

Zendesk has alerted customers to a successful SMS phishing campaign that has exposed "service data," but details remain scarce.

GPT Emerges as Key AI Tech for Security Vendors

Orca Security is one of the companies integrating conversational AI technology into its products.

PayPal Breach Exposed PII of Nearly 35K Accounts

The credential-stuffing attack, likely fueled by password reuse, yielded personal identifiable information that can be used to verify the authenticity of previously stolen data.

Microsoft Addresses Zero-Days, but Exchange Server Exploit Chain Remains Unpatched

The computing giant didn't fix ProxyNotLogon in October's Patch Tuesday, but it disclosed a rare 10-out-of-10 bug and patched two other zero-days, including one being exploited.

High-Value Targets: String of Aussie Telco Breaches Continues

Australian IT services provider Dialog has announced a breach, making it the third telecom company in the area compromised in less than a month.

Credential Harvesting Is Retail Industry's Top Threat

Why bother with new tactics and exploits when the old tricks are still effective?

Hackers Have It Out for Microsoft Email Defenses

Cybercriminals are focusing more and more on crafting special email attacks that evade Microsoft Defender and Office security.

Relentless Russian Cyberattacks on Ukraine Raise Important Policy Questions

Microsoft cybersecurity executive John Hewie explained cyberwar developments and what they mean for Western democratic policy going forward.

Growing Reliance on Cloud Brings New Security Challenges

With organizations expanding their cloud operations, cloud security is imperative to protect applications and data.

The Insecurities of Cybersecurity Success

Becoming a big wheel doesn't have to cost your happiness, but grind culture makes that likely.

Vice Society Publishes LA Public School Student Data, Psych Evals

After a flat refusal to pay the ransom, Los Angeles Unified School District's stolen data has been dumped on the Dark Web by a ransomware gang.

LA School District Ransomware Attackers Now Threaten to Leak Stolen Data

Weeks after it breached the Los Angeles Unified School District, the Vice Society ransomware group is threatening to leak the stolen data, unless they get paid.

Microsoft Confirms Pair of Blindsiding Exchange Zero-Days, No Patch Yet

The "ProxyNotShell" security vulnerabilities can be chained for remote code execution and total takeover of corporate email platforms.

The Country Where You Live Impacts Password Choices

Literacy, levels of personal freedom, and other macro-social factors help determine how strong average passwords are in a given locale, researchers have found.

Capital One Phish Showcases Growing Bank-Brand Targeting Trend

Capital One lures leveraged the bank's new partnership with Authentify, showing that phishers watch the headlines, and take advantage.

XSS Flaw in Prevalent Media Imaging Tool Exposes Trove of Patient Data

Bugs in Canon Medical's Virea View could allow cyberattackers to access several sources of sensitive patient data.

Fast Company CMS Hack Raises Security Questions

The company's website remains offline after hackers used its compromised CMS to send out racist messages.

Lazarus Lures Aspiring Crypto Pros With Fake Exchange Job Postings

Previously observed using fake Coinbase jobs, the North Korea-sponsored APT has expanded into using Crypo.com gigs as cover to distribute malware.

Amid Sweeping Change, Cyber Defenders Face Escalating Visibility — and Pressure

Why cyber teams are now front and center for business enablement within organizations, and the significant challenges they face.

Russia Planning Cyberattacks on Ukraine's Energy Grid

Ukraine military intelligence says Russia is planning cyberattacks on the country's energy sector, as well as against allies including Poland and the Baltic states.

How Quantum Physics Leads to Decrypting Common Algorithms

YouTuber minutephysics explains how Shor's algorithm builds on existing formulae like Euclid's algorithm and Fourier transforms to leverage quantum superpositioning and break encryption.

Malicious Apps With Millions of Downloads Found in Apple App Store, Google Play

The ongoing ad fraud campaign can be traced back to 2019, but recently expanded into the iOS ecosystem, researchers say.

Researchers Uncover Mysterious 'Metador' Cyber-Espionage Group

Researchers from SentinelLabs laid out what they know about the attackers and implored the researcher community for help in learning more about the shadowy group.

Wintermute DeFi Platform Offers Hacker a Cut in $160M Crypto-Heist

The decentralized finance (DeFi) platform was the victim of an exploit for a partner's vulnerable code — highlighting a challenging cybersecurity environment in the sector.

Sophisticated Hermit Mobile Spyware Heralds Wave of Government Surveillance

At the SecTor 2022 conference in Toronto next month, researchers from Lookout will take a deep dive into Hermit and the shadowy world of mobile surveillance tools used by repressive regimes.

Microsoft Brings Zero Trust to Hardware in Windows 11

A stacked combination of hardware and software protects the next version of Windows against the latest generation of firmware threats.

Beware of Phish: American Airlines, Revolut Data Breaches Expose Customer Info

The airline and the fintech giant both fell to successful phishing attacks against employees.

No Motivation for Quantum Without Regulatory Push

What's it going to take to prod organizations to implement a post-quantum security plan? Legislative pressure.

Real Estate Phish Swallows 1,000s of Microsoft 365 Credentials

The attacks showcase broader security concerns as phishing grows in volume and sophistication, especially given that Windows Defender's Safe Links feature for identifying malicious links in emails completely failed in the campaign.

Hacker Pwns Uber Via Compromised VPN Account

A teen hacker reportedly social-engineered an Uber employee to hand over an MFA code to unlock the corporate VPN, before burrowing deep into Uber's cloud and code repositories.

Highlights of the 2022 Pwnie Awards

Since 2007, the Pwnies have celebrated the good, the bad, and the wacky in cybersecurity. Enjoy some of the best moments of this year's ceremony.

Key Takeaways From the Twitter Whistleblower's Testimony

Twitter did not know what data it had or who had access to it, Peiter "Mudge" Zatko told Congressional lawmakers during a Senate panel hearing.

Microsoft Quashes Actively Exploited Zero-Day, Wormable Critical Bugs

In Microsoft's lightest Patch Tuesday update of the year so far, several security vulnerabilities stand out as must-patch, researchers warn.

U-Haul Customer Contract Search Tool Compromised

Password compromise led to unauthorized access to a customer contract search tool over a five-month window, according to the company.

US Sanctions Iran Over APT Cyberattack Activity

The Treasury Department links the MuddyWater APT and APT39 to Iran's intelligence apparatus, which is now blocked from doing business with US entities.

Holiday Inn Owner InterContinental Has a Breach Trend

After a high-profile 2017 breach and a Holiday Inn ransomware hit earlier this year, IHG confirms that its booking channels and applications have been disrupted in yet another cyberattack.

Next-Gen Linux Malware Takes Over Devices With Unique Tool Set

The Shikitega malware takes over IoT and endpoint devices, exploits vulnerabilities, uses advanced encoding, abuses cloud services for C2, installs a cryptominer, and allows full remote control.

AWS Tokens Lurking in Android, iOS Apps Crack Open Corporate Cloud Data

Thousands of corporate mobile apps developed by businesses for use by their customers contain hardcoded AWS tokens that can be easily extracted and used to access the full run of corporate data stored in cloud buckets.

Ghost Data Increases Enterprise Business Risk

IT has to get its hands around cloud data sprawl. Another area of focus should be on ghost data, as it expands the organization's cloud attack surface.

Crypto-Crooks Spread Trojanized Google Translate App in Watering-Hole Attack

The ongoing campaign is spreading worldwide, using the lure of a fully functional Google Translate application for desktops that has helped the threat stay undetected for months.

A Peek Into CISA's Post-Quantum Cryptography Roadmap

To help organizations with their plans, NIST and the Department of Homeland Security developed the Post-Quantum Cryptography Roadmap.