A new malware named ‘Cuttlefish’ has been spotted infecting enterprise-grade and small office/home office (SOHO) routers to monitor data that passes through them and steal authentication information. Lumen Technologies’ Black Lotus Labs examined the new malware and reports that Cuttlefish creates a proxy or VPN tunnel on the compromised router to exfiltrate data discreetly while…
Read More
Qantas Airways confirms that some of its customers were impacted by a misconfiguration in its app that exposed sensitive information and boarding passes to random users. Qantas is Australia’s flag carrier and the largest airline by fleet size, operating 125 aircraft and serving 104 destinations. Qantas has 23,500 employees and an annual revenue of almost $12.9 billion. Earlier today,…
Read More
Tenable Cloud Security is enhancing its capabilities with malware detection. Combined with its cutting-edge, agentless vulnerability-scanning technology, including its ability to detect anomalous behavior, this new capability makes Tenable Cloud Security a much more complete and effective solution. Read on to find out how. In the ever-evolving landscape of cloud computing, security remains paramount. Even…
Read More
These attacks were primarily leveraged by ransomware and other extortion-related threat actors, and the main entry point was web applications, the report noted. Analyzing the data also reveals a significant area of weakness among many organizations — bad actors are more quickly harnessing vulnerabilities than organizations can patch them. It takes organizations approximately 55 days…
Read MoreAI Voice Scam Scammers tricked a company into believing they were dealing with a BBC presenter. They faked her voice, and accepted money intended for her. Tags: artificial intelligence, scams, social engineering Posted on May 1, 2024 at 7:09 AM • 0 Comments Sidebar photo of Bruce Schneier by Joe MacInnis. Source link lol
Read More
May 01, 2024NewsroomMalware / Cyber Threat The authors behind the resurfaced ZLoader malware have added a feature that was originally present in the Zeus banking trojan that it’s based on, indicating that it’s being actively developed. “The latest version, 2.4.1.0, introduces a feature to prevent execution on machines that differ from the original infection,” Zscaler…
Read More
May 01, 2024The Hacker NewsSecurity Awareness Training There’s a natural human desire to avoid threatening scenarios. The irony, of course, is if you hope to attain any semblance of security, you’ve got to remain prepared to confront those very same threats. As a decision-maker for your organization, you know this well. But no matter how…
Read More
Executive Summary The “Security Alert” scam is a prevalent tech-support fraud that threatens both Windows and Apple users. It exploits the trust of users by masquerading as an official support site, using fake pop-up warnings to lure users into dialing scam phone numbers by conveying a sense of urgency. The ultimate goal is gaining remote…
Read More
May 01, 2024NewsroomNational Security / Insider Threat A former employee of the U.S. National Security Agency (NSA) has been sentenced to nearly 22 years (262 months) in prison for attempting to transfer classified documents to Russia. “This sentence should serve as a stark warning to all those entrusted with protecting national defense information that there…
Read More
Kansas City Cybersecurity Conference, Virtual and Kansas City, Missouri: June 6 SecureWorld Chicago, Chicago, Illinois: June 6 IDC Security Roadshow, Doha, Qatar: June 10 AWS re:Inforce, Philadelphia, Pennsylvania: June 10 – 12 AppSec SoCal, Santa Monica, California: June 12 Boston Cybersecurity Conference, Boston, Massachusetts: June 13 Cybersecurity Soiree, Paris, France: June 13 Montreal Cybersecurity Conference,…
Read More