Herjan Security
b7ac607467d380da39561027a5bd00a900e99a56019f127db61f86a3c842efb6
[.] Nostrop stream of GenAI news and updates

Summary: Hackers are increasingly using non-executable .txt and .log files to deliver malware. These files contain obfuscated code that can go undetected by standard security measures. It is important to regularly examine files, use advanced malware detection software, update software, backup websites, and implement a website firewall to mitigate the risk.

Hashtags: #cybersecurity #cybersecuritynews #malware

https://cybersecuritynews.com/malware-via-txt-log-files/

Hacker group GhostSec unveils new-generation ransomware implant called GhostLocker. GhostLocker offers military-grade encryption and the ability to manage negotiations through a builder. It can bypass antivirus detection and is being sold on the dark web for $999 during its beta phase. GhostSec is a former hacktivist group that now engages in financially motivated cyber activity. GhostLocker has already been adopted by the hacking group Stormous. #GhostSec #Ransomware #GhostLocker #Cybersecurity

https://www.infosecurity-magazine.com/news/hacker-ghostsec-unveils-new/

Citrix NetScaler Zero-Day Exploited to Compromise Government Organizations.

#CyberSecurityNews #Vulnerability #ZeroDay #DataBreaches #CyberAI

Two critical vulnerabilities, CVE-2023-4966 and CVE-2023-4967, found in NetScaler ADC and NetScaler Gateway.

Swift action is advised to secure vulnerable systems.

Multiple versions of NetScaler ADC and NetScaler Gateway are affected.

Exploits have already been observed.

Citrix advises customers to install updated versions immediately.

Citrix actively notifies customers and partners about the security issue.

Subscribe to Citrix security bulletins to stay informed.

Patch Manager Plus can help protect against vulnerabilities.

https://cybersecuritynews.com/citrix-netscaler-zero-day-exploited/

Unified Network Security Solutions for Small Businesses streamline user rights, authentication, and compliance metrics to eliminate vulnerabilities and boost productivity. #networksecurity #smallbusiness

Unified security combines different technologies into a single strategy, protecting against various security risks and simplifying management. #unifiedsecurity #cybersecurity

Key features of unified network security include firewalls, intrusion detection systems, VPN, antivirus, and information filtering. #networkprotection #securityfeatures

When choosing a unified network security solution, consider your company's goals, current security tools, budget, scalability, and essential features. #securitysolution #choosingtheright

Unified network security solutions provide protection from cyber threats, simplify management, offer better visibility, and allow for scalability. #networksecuritysolutions #cyberthreats

Best unified network security solutions for small businesses include Perimeter 81, Snort, OSSEC, Wireshark, Burp Suite, Splunk, ManageEngine, Fortinet, Bitdefender, and SonicWall. #bestsolutions #smallbusinessesecurity

Perimeter 81 offers safe access, scalability, and robust encryption for securing remote access to company networks and resources. #Perimeter81 #remotesecurity

Snort is an open-source IDS/IPS system that detects and prevents intrusions, providing customizable threat detection rules. #Snort #intrusiondetection

OSSEC is a versatile intrusion detection system that monitors logs, detects intrusions, and checks for system modifications. #OSSEC #intrusiondetectionsystem

Wireshark is a powerful network protocol analyzer that captures and analyzes network traffic for anomaly detection and vulnerability identification. #Wireshark #networkanalysis

Burp Suite provides comprehensive web application testing, vulnerability detection, and security improvement features. #BurpSuite #webapplicationsecurity

Splunk offers real-time operational intelligence, log data analysis, and visualization for enhanced cybersecurity and performance. #Splunk #realtimeintelligence

ManageEngine provides IT management and security tools, including data leak prevention, cloud resource management, and automation. #ManageEngine #ITmanagement

Fortinet offers secure networking solutions that integrate networking and security for simplified operations and comprehensive protection. #Fortinet #securenetworking

https://cybersecuritynews.com/best-unified-network-security-solutions/

- Sophos has resolved a password disclosure vulnerability in Sophos Firewall affecting the SPX feature.

- The vulnerability could have exposed sensitive data for users who chose the "specified by sender" password option.

- IT für Caritas eG discovered and disclosed the flaw.

- Users can apply a temporary solution by changing the password type option in their SPX template.

- Sophos has released hotfixes for various versions to address the flaw.

- Users are advised to update their software and apply patches as soon as possible.

- Patch Manager Plus can help protect against vulnerabilities by patching third-party applications quickly.

#cybersecurity #vulnerability #Sophos #passworddisclosure #patchnow #ITsecurity

https://cybersecuritynews.com/sophos-firewall-password-disclosure-vulnerability/

Oracle has released a critical security update that patches 387+ new security flaws. Customers are urged to apply these patches promptly to protect against potential attacks. Thorough testing is advised before applying the patches, as they may impact application functionality. Upgrading to supported versions is also recommended. #cybersecurity #vulnerability

https://cybersecuritynews.com/oracle-critical-security-update/

Summary:

Switzerland's e-voting system has security vulnerabilities that can be exploited by malicious insiders and malware. The system's protection against vote manipulation is flawed, as the protocol is explained online and can be changed by malware. The solution to these vulnerabilities is paper voting. Blockchain does not improve security in voting systems.

Hashtags:

#Switzerland #EVoting #SecurityVulnerability #Malware #Blockchain

https://www.schneier.com/blog/archives/2023/10/security-vulnerability-of-switzerlands-e-voting-system.html

Tech CEO sentenced to 5 years in IP address scheme. Hashtags: #TechCEO #Sentencing #IPAddressScheme #WireFraud

Amir Golestan, former CEO of Micfo, sentenced to 5 years in prison for wire fraud. Hashtags: #AmirGolestan #Micfo #WireFraud

Golestan used a network of phony companies to obtain over 735,000 IP addresses. Hashtags: #PhonyCompanies #IPAddressScheme

ARIN sued Golestan and Micfo for obtaining IP addresses under false pretenses. Hashtags: #ARIN #Lawsuit

Golestan pleaded guilty to 20 counts of wire fraud and used shell companies to secure the addresses. Hashtags: #WireFraud #ShellCompanies

Golestan's sentence sends a message of deterrence to others engaging in fraudulent schemes. Hashtags: #Deterrence #FraudScheme #Sentencing

Micfo was involved in brokering IP addresses for VPN providers. Hashtags: #Micfo #IPAddresses #VPNProviders

IPv4 addresses have become a valuable commodity in the market. Hashtags: #IPv4Addresses #Commodity

Golestan will serve 60 months in prison and pay restitution to ARIN. Hashtags: #PrisonSentence #Restitution

https://krebsonsecurity.com/2023/10/tech-ceo-sentenced-to-5-years-in-ip-address-scheme/

1. A cybersecurity consultant shares his journey from high school to becoming a full-time pentester.

2. He initially pursued an apprenticeship with BP but eventually found his passion for cyber security.

3. Despite not having a background in computing, he immersed himself in learning and honing his skills.

4. He pursued a part-time degree in cyber security and engaged in hands-on learning through platforms like TryHackMe and Hack The Box.

5. He faced challenges and self-doubt along the way but persevered and eventually landed a job as a junior cyber security consultant.

6. He emphasizes the importance of gaining perspective and constantly pushing oneself to learn and grow.

7. The journey into cyber security may not be traditional, but it's never too late to start.

#cybersecurity #pentesting #ethicalhacking #learning #perseverance #careerjourney #selfdevelopment

https://www.itsecurityguru.org/2023/10/17/zero-to-pentester/

Anonybit raises $3 million for biometric authentication platform.

Hashtags: #Anonybit #biometric #authentication #funding

https://www.securityweek.com/anonybit-raises-3-million-for-biometric-authentication-platform/

Summary:

MemComputing, a San Diego-based company, is researching the use of in-memory processing ASICs (Application Specific Integrated Circuits) to potentially crack 2048-bit RSA encryption in real time. The company believes that by combining processing and data in memory, they can break the latency introduced by the von Neumann bottleneck and solve complex mathematical problems that are currently intractable for classical computers. They have conducted software emulation tests and believe that their ASICs could solve a 2048-bit factorization problem in a matter of minutes. This development has implications for the future of encryption, potentially rendering current encryption methods obsolete.

Hashtags:

#MemComputing #ASICs #2048bitRSA #Encryption #QuantumComputing #Cybersecurity

https://www.securityweek.com/beyond-quantum-memcomputing-asics-could-shatter-2048-bit-rsa-encryption/

Summary: Prove Identity, a startup specializing in digital identity verification and authentication, has raised $40 million in funding. The New York-based company, previously known as Payfone, offers smartphone-based technology that enables frictionless consumer experiences while maintaining security standards against fraud. Prove Identity's platform has been adopted by major banks, retailers, and healthcare institutions, and boasts impressive results such as faster onboarding, reduced abandonment rates, and a significant decrease in fraud.

Hashtags: #ProveIdentity #Funding #DigitalIdentity #Verification #Authentication #SecurityStandards #FraudPrevention

https://www.securityweek.com/prove-identity-snags-40m-funding-for-id-verification-tech/

Fake browser updates are being used to distribute malware. Cybersecurity researchers have identified multiple threat clusters using this tactic. The updates are displayed on compromised websites, imitating popular browsers, and tricking users into downloading malicious software. These threats can be found in emails, search engines, social media, and direct site visits. Each campaign uses unique methods to filter traffic and make detection challenging. Robust cybersecurity measures and user training are essential to combat these threats. #malware #cybersecurity #fakeupdates #threatactors

https://www.infosecurity-magazine.com/news/fake-browser-updates-malware/

Persistent Espionage Campaign Targets APAC Governments. #cybersecurity #espionage #APAC #government #USBthreats #TetrisPhantom #Kaspersky #datainfiltration #maliciousmodules #targetedattacks #threatintelligence #endpointdetection #SecurityAnalystSummit

https://www.infosecurity-magazine.com/news/espionage-campaign-targets-apac/

1. Hackers extort plastic surgery patients by harvesting their sensitive information and medical records.

2. FBI warns of cybercriminals demanding ransom from plastic surgeons and patients to prevent the sharing of this data.

3. Cybercriminals use phishing messages and malware to gather information and enhance it through social media and social engineering.

4. Plastic surgeons and patients are contacted through various channels and pressured to make extortion payments in cryptocurrency.

5. To protect against these attacks, strengthen privacy settings, use unique and complex passwords, monitor bank accounts and credit reports, and report any suspicious activities to the FBI.

#Cybercrime #Extortion #PlasticSurgery #DataBreach #Privacy

https://www.infosecurity-magazine.com/news/hackers-extorting-plastic-surgery/

Top 10 Insider Risk Management Platforms:

1. DoControl

2. ActivTrak

3. Elevate Platform

4. Splunk

5. Varonis

6. Forcepoint

7. Securonix

8. ObserveIT

9. Exabeam

10. LogRhythm

#InsiderRiskManagement #CyberSecurity #DataProtection #ThreatManagement #RiskMitigation #IRMSoftware #AI #ML #SecurityAnalytics #DataPrivacy

https://cybersecuritynews.com/best-insider-risk-management-platforms/

Multiple vulnerabilities in Titan File Transfer (MFT) and Titan SFTP servers, owned by South River Technologies, have been fixed. The vulnerabilities include remote code execution, information disclosure, and session fixation. The severity of some vulnerabilities is still being analyzed. The exploitation of these vulnerabilities can lead to unauthorized access and manipulation of files. Users are recommended to upgrade to the latest version to prevent exploitation. #cybersecurity #flaw #vulnerability

https://cybersecuritynews.com/titan-file-transfer-server-flaws/

Summary:

A critical zero-day flaw in Atlassian Confluence has been exploited by hackers, allowing them to access servers through fake admin accounts. The Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have warned administrators to update their servers immediately. The flaw is classified as a Broken Access Control vulnerability, and hackers have used tools like cURL and Rclone to steal data. Mitigations include upgrading to fixed versions, implementing multifactor authentication, and adhering to best cybersecurity practices.

Hashtags:

#CISA #FBI #Atlassian #ZeroDay #CyberSecurity

https://cybersecuritynews.com/atlassian-zero-day-flaw-under-attack/

Summary: Threat actors have developed a technique called "EtherHiding" to distribute malicious code using Binance's Smart Chain. They exploit compromised WordPress sites and use fake browser update overlays to inject malicious scripts into web pages. These scripts load the Binance Smart Chain JS library, fetch other malicious scripts from the blockchain, and trigger the download of a third-stage payload from an attacker-controlled server. The technique is difficult to track and shut down using traditional law enforcement methods.

Hashtags: #EtherHiding #MaliciousCode #BinanceSmartChain #CompromisedWordPress #BlockchainSecurity

https://cybersecuritynews.com/etherhiding-a-novel-technique-to-hide-malicious-code/

Summary:

Software vulnerabilities can be detected and addressed using advanced language models such as CodeBERT, GraphCodeBERT, and CodeT5. A tool called AIBugHunter in VSCode utilizes these models for software security. Cybersecurity researchers from Monash University explored the use of ChatGPT in software vulnerability prediction, classification, severity estimation, and automated repair tasks. ChatGPT performed poorly compared to code-oriented models in terms of accuracy and repair capabilities. The findings suggest that ChatGPT requires domain-specific fine-tuning for vulnerability tasks. Other applications of ChatGPT include malware analysis, intrusion detection, software security assistance, penetration testing, and vulnerability detection. Using Patch Manager Plus can help protect against vulnerabilities.

Hashtags:

#SoftwareVulnerabilities #AdvancedLanguageModels #CodeBERT #GraphCodeBERT #CodeT5 #AIBugHunter #ChatGPT #VulnerabilityPrediction #Classification #SeverityEstimation #AutomatedRepair #FineTuning #MalwareAnalysis #IntrusionDetection #PenetrationTesting #PatchManagerPlus

https://cybersecuritynews.com/chatgpt-for-vulnerability-detection/