Herjan Security
Nonstop stream of GenAI news and updates

Roblox developers have been targeted by a resurgence of malicious packages on the npm repository, deploying the Luna Grabber malware. This campaign raises concerns for software supply chain security. The malicious packages mimic the legitimate 'noblox.js' package, deceiving developers into downloading compromised packages. The attackers replicate code from 'noblox.js' while embedding malicious information-stealing functions. This is similar to a previous attack in 2021. The malicious packages now imitate the original 'noblox.js' even more convincingly and carry a post-installation script with a malicious payload. Luna Grabber is the attackers' weapon of choice: it is customizable and comes with detailed instructions on GitHub on how to compile a malicious executable. This campaign highlights the vulnerability of open-source repositories and the importance of robust supply chain security practices. #maliciouspackages #RobloxDevelopers

https://cybersecuritynews.com/roblox-developers-targeted/

API authentication vulnerabilities have become a major concern in cloud security. Microsoft's cloud services have recently faced scrutiny regarding these vulnerabilities. APIs, which provide connections between software without human login, are often difficult to secure. Organizations should hire specialized consultants to review software for vulnerabilities. The OWASP API security Top 10 lists common issues to look for when dealing with APIs. Solutions like Microsoft's IP Firewall can help mitigate threats in real-time. Basic measures like limiting permissions, patching, and enabling secure transmission are also essential. Monitoring cache control and reviewing error messages are additional security measures. Weak passwords and credential stuffing should be blocked to ensure API security. Regular reviews of authentication flows and two-factor authentication implementation are necessary. Vendors should provide timely information about vulnerabilities. #APIsecurity #cloudsecurity #vulnerabilities #OWASP #IPFirewall

https://www.csoonline.com/article/650133/how-api-authentication-vulnerabilities-are-at-the-center-of-cloud-security-concerns.html

Five processes every organization needs for successful BizDevOps: Business Process Modeling, Data Modeling, Metadata Management, CI/CD Tools, and Collaboration. #BizDevOps #BusinessProcessModeling #DataModeling #MetadataManagement #CI/CDTools #Collaboration

https://www.itsecurityguru.org/2023/08/23/five-processes-every-organisation-needs-for-successful-bizdevops/

Summary:

- Ivanti Sentry Zero-Day vulnerability has been confirmed as exploited in attacks.

- The vulnerability allows unauthenticated attackers to access sensitive APIs and execute OS commands as a system administrator.

- Other Ivanti product vulnerabilities have also been exploited in attacks.

- The US Cybersecurity and Infrastructure Security Agency (CISA) has confirmed the active exploitation and added it to its Known Exploited Vulnerabilities Catalog.

- The vulnerability affects specific versions of Ivanti Sentry.

- Risk of exploitation is low when the specific port is not exposed to the internet.

Hashtags:

#Ivanti #vulnerability #cybersecurity #exploitation #CVE #CISA

https://www.securityweek.com/exploitation-of-ivanti-sentry-zero-day-confirmed/

TP-Link Smart Bulb has been found to have vulnerabilities that can expose Wi-Fi passwords. Researchers discovered bugs related to authentication, secret sharing, encryption, and denial of service. These vulnerabilities can allow attackers to control the smart bulb and gain access to other devices connected to the user's Tapo account. Hashtags: #SmartBulb #SecurityVulnerabilities #WiFiPasswords #IoTSecurity

https://www.infosecurity-magazine.com/news/tplink-smart-bulb-wifi-passwords/

Experian pays $650,000 to settle spam claims, violated CAN-SPAM Act, sent emails without opt-out mechanism. #Experian #spam #CANSPAMAct

https://www.infosecurity-magazine.com/news/experian-pays-650000-settle-spam/

XLoader malware attacking macOS users disguised as signed OfficeNote App. XLoader poses as an innocuous app and has undergone a transformative evolution. The malware is distributed through a deceptive Apple disk image. Apple has revoked the signature associated with the application. XLoader's new variant has been widely disseminated and monetized. The malware displays an error message to divert suspicion and establishes persistence mechanisms. XLoader focuses on intercepting clipboard contents and pilfering sensitive data. The malware employs elaborate communication strategies and evasion techniques. #macOS #malware #XLoader #cybersecurity #security

https://cybersecuritynews.com/xloader-malware-macos/

AI is being used to analyze data from license plate scanners to identify suspicious vehicle behavior. The system scans over 16 million license plates a week across 480 cameras and also takes notes on vehicle make, model, and color. #AI #surveillance

License plate scanners equipped with AI are being used for bulk surveillance by analyzing driving patterns. The data gathered includes over 16 million license plates scanned a week and notes on vehicle details. #AI #privacy

The use of AI on license plate scanner data is raising concerns about dragnet surveillance and the violation of privacy rights. The system scans millions of license plates a week and collects information on vehicles' make, model, and color. #licenseplates #surveillance

https://www.schneier.com/blog/archives/2023/08/applying-ai-to-license-plate-surveillance.html

Tourists looking up in large metropolitan areas and network intruders both exhibit similar behavior that can be used as a warning sign of potential attacks. Security experts recommend setting up virtual tripwires to detect unauthorized users and devices. Cisco Talos has observed a rise in high-sophistication attacks on network infrastructure, emphasizing the need to detect and detach initial footholds. Thinkst offers canary tokens that act as tripwires and alert users of suspicious activity. These tokens can be embedded in regular files and are free to use. Canaries work effectively in catching compromises early on and increasing the time taken for attackers.

https://krebsonsecurity.com/2023/08/tourists-give-themselves-away-by-looking-up-so-do-most-network-intruders/

"Snakes in airplane mode" - Researchers at Apple device management company Jamf have discovered a technique to maintain connectivity on iPhones that appear to be in airplane mode. The technique involves intercepting the API call triggered by toggling airplane mode on, allowing certain apps to still use mobile data while giving the appearance of being offline. This raises concerns about the potential for malicious apps to be disguised as legitimate apps on the App Store. #FakeAirplaneMode #MobileConnectivity #iPhoneSecurity

https://nakedsecurity.sophos.com/2023/08/21/snakes-in-airplane-mode-what-if-your-phone-says-its-offline-but-isnt/

US Military Targeted in Recent HiatusRAT Attack. #Cybersecurity #HiatusRAT #USMilitary #Reconnaissance #ThreatActor

Summary: HiatusRAT, a malware campaign, has been targeting a US military procurement system for reconnaissance. The threat actor has shifted tactics and is now focusing on Taiwanese entities. The HiatusRAT activity does not overlap with known threat actors, but aligns with recent Chinese-oriented operations against US-based entities. Defense contractors should exercise caution and monitor their networking devices for the presence of HiatusRAT.

https://www.securityweek.com/us-military-targeted-in-recent-hiatusrat-attack/

Summary: Cris Thomas, also known as Space Rogue, was a member of the L0pht Heavy Industries hacker collective. He discusses the blurred lines between hackers and researchers, highlighting the differences in their processes and motivations. Thomas emphasizes the importance of hackers and researchers in making the world a more secure place. He also talks about the role of education in the hacking field and the potential impact of government control on creating more blackhat hackers.

Hashtags: #HackerConversations #LophtHeavyIndustries #WhitehatHackers #BlackhatHackers #ResearchVsHacking

https://www.securityweek.com/hacker-conversations-cris-thomas-aka-space-rogue-from-lopht-heavy-industries/

TP-Link Smart Bulb vulnerabilities expose households to hacker attacks. Hashtags: #SmartBulb #Cybersecurity #Vulnerabilities #HackerAttacks

https://www.securityweek.com/tp-link-smart-bulb-vulnerabilities-expose-households-to-hacker-attacks/

US ARPA-H initiative unveiled the DIGIHEALS project to counter cyber-attacks in the US healthcare system. The project aims to repurpose technologies for civilian health systems and personal health devices. It also addresses software vulnerabilities that could jeopardize patient safety. The initiative emphasizes information sharing and rapid response. #HealthcareCyberThreats #DigitalHealthSecurity #Cybersecurity #PatientSafety

https://www.infosecurity-magazine.com/news/us-arpa-h-counters-healthcare/

Cybersecurity researchers from ESET have discovered a toolset called Spacecolon that spreads the Scarab ransomware worldwide. The toolset enters victim organizations by exploiting vulnerable web servers or using brute-force attacks on RDP credentials. Spacecolon contains Turkish strings, suggesting the involvement of a Turkish-speaking developer. The toolset comprises three components - ScHackTool, ScInstaller, and ScService - which allow the operators to establish remote access and launch ransomware attacks. ESET also found a new ransomware family, ScRansom, created by the same developer behind Spacecolon. The ransomware encrypts drives using the AES-128 algorithm. #ESET #cybersecurity #Spacecolon #Scarab #ransomware

https://www.infosecurity-magazine.com/news/scarab-ransomware-deployed-via/

1. Healthcare data breaches decrease by 15%, but number of victims surges by 31% in H1 2023. #cybersecurity #data breaches #healthcare

2. Breaches due to hacking and IT incidents account for 73% of total breaches. #hacking #IT #breaches

3. Network server vulnerabilities responsible for 97% of compromised records. #networksecurity #vulnerabilities #compromisedrecords

4. Business associates face increased targeting in data breaches. #thirdparties #dataloss #businessassociates

5. Proactive defense strategies and incident response planning crucial in healthcare cybersecurity. #proactive #incidentresponse #cybersecurityinvestments

https://www.infosecurity-magazine.com/news/critical-insight-h1-2023/

Adobe co-founder and creator of PDF files, Dr. John Warnock, passes away at 82. Warnock invented the PDF format during his time at Adobe. He received numerous awards for his contributions to technology and innovation. His inventions, such as Illustrator and Acrobat, revolutionized desktop publishing. Warnock had a deep understanding of customer needs and regularly used Adobe products himself. He leaves behind a lasting impact on the way people communicate with words, images, and videos. #AdobeCoFounder #PDFInnovator #JohnWarnock #TechnologyInnovation #DesktopPublishing

https://cybersecuritynews.com/adobe-co-founder-john-warnock/

Summary: Attackers have been using QR codes to steal Microsoft credentials, with a major energy company in the US being a prominent target. The phishing campaign has seen significant growth and uses QR codes disguised as Microsoft security notifications. Industries such as manufacturing, insurance, technology, and financial services have also been affected. Enterprises should educate employees on the risks of scanning QR codes in emails and consider using automation tools to detect and block malicious QR codes.

Hashtags: #cyberattack #cybersecurity #cybersecuritynews

https://cybersecuritynews.com/attackers-weaponizing-qr-codes/

Smart Bulbs can be hacked to steal Wi-Fi passwords. Rise of IoT creates security challenges. Researchers identified vulnerabilities in Tapo L530E smart bulb. Lack of authentication, hard-coded shared secret, and encryption flaws. Attackers can impersonate or de-authenticate the bulb to gain credentials. TP-Link informed and will fix the flaws. #cyberattack #cybersecurity #wifi

https://cybersecuritynews.com/smart-bulbs-hacked/

Ivanti warns of critical new zero-day bug in its Sentry product. The bug could enable an unauthenticated actor to access sensitive APIs and perform various actions on the system. Ivanti advises customers to upgrade to a supported version and restrict access to internal management networks. #Ivanti #ZeroDayBug

https://www.infosecurity-magazine.com/news/ivanti-critical-zeroday-bug/