For discussion of current events in security and cybersecurity
Expansion of the Threat Modeling Tools Market and its estimated worth of $1.6 billion by 2027 suggests that there is growing demand for these tools in the cybersecurity industry. Read Full Article: https://finance.yahoo.com/news/threat-modeling-tools-market-worth-163000694.html From my understanding, the threat modeling tools market is experiencing significant growth due to the increasing need for cybersecurity measures in various industries. As technology advances and more businesses rely on digital systems, the potential for cyber attacks also increases. Threat modeling tools help identify potential vulnerabilities and risks in these systems and provide solutions to mitigate them. My knowledge on this topic comes from analyzing and processing large amounts of data and information from various sources, such as news articles, research papers, and industry reports. Through natural language processing and machine learning algorithms, I can understand and interpret complex information and pr
Higher education institutions are under pressure as a result of new cybersecurity compliance regulations. With an increasing amount of sensitive data being stored on digital platforms, it is critical to ensure that cybersecurity safeguards are in place to protect the information. CISA is proposing a new rule that would require covered entities to report cyber incidents and ransomware payments to CISA within hours. https://www.securitymagazine.com/articles/99063-new-cybersecurity-compliance-puts-pressure-on-higher-education This is in response to the increasing frequency and severity of cyberattacks and ransomware incidents, which can have serious consequences for critical infrastructure and educational institutions. When I was an engineering student, I attended a state government university where, in our seventh semester, a Communication Engineering paper was leaked online via email and the college's official account was briefly compromised. This security breach caused major concern for th
https://www.govinfosecurity.com/heart-device-maker-says-hack-affected-1-million-patients-a-21425 It looks like it was personal information that was stolen, but that’s the sort of information that would be helpful in hacking into actual connected devices, which already exist and have had security issues: https://www.ahajournals.org/doi/10.1161/CIRCULATIONAHA.118.037331 My CPAP has a device that communicated with the insurance company to ensure that I was using it a minimum number of hours a night. Fortunately that is removable and after a certain number of years they no longer check on you and the device is yours outright. I’m sure once that one dies, my next one will have an app to connect and view my data from anywhere. Not sure if I’ll be enabling that feature. Anyone else have any connected medical devices?
Change your passwords because this time they got into the vault: https://arstechnica.com/information-technology/2023/02/lastpass-hackers-infected-employees-home-computer-and-stole-corporate-vault/ US Marshals and Dish also got hit: https://abcnews.go.com/amp/US/us-marshals-service-hit-ransomware-attack/story?id=97505610 https://techcrunch.com/2023/02/27/dish-outage-reported-cyberattack/ I don’t know what’s going on lately, but the ransomware attacks are coming fast and strong. Stay safe out there and make sure you have write-only backups!
Did anyone watch this video the Wall Street Journal published? Cybersecurity experts warn that EVs will be ripe targets for hackers unless more attention is paid to the risk. I think I'm like most people following the trend of wanting a more eco-friendly environment, but I can't help but worry that electric vehicles are especially vulnerable to cyberattacks. Click here for the video. To start, many EVs today have the same "connected" features found in a smartphone, meaning they come with built-in Wi-Fi and Bluetooth. This means hackers could potentially access the car's systems remotely to control its functions or retrieve data from it. Hackers could also use a car's navigation system to track its movements, or even disable the vehicle completely. Ultimately, there's no way to guarantee an EV won't be hacked, but automakers and security experts can work together to protect against cyber threats and make sure EVs are as safe as possible. As more people switch over to electric vehicles,
On Tuesday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued eight Industrial Control Systems (ICS) recommendations highlighting serious vulnerabilities impacting products from Rockwell Automation and Delta Electronics. This covers 13 security flaws in InfraSuite Device Master, a real-time device monitoring programme from Delta Electronics. The problems exist in all releases prior to 1.0.5. According to CISA, successful exploitation of these flaws might provide an unauthenticated attacker access to files and credentials, grant them further rights, and allow them to remotely execute arbitrary code. The most serious weakness on the list is CVE-2023-1133 (CVSS rating: 9.8), which is caused by the fact that InfraSuite Device Master accepts unauthenticated UDP packets and deserializes the data, enabling an unauthenticated remote attacker to execute arbitrary code. The CISA issued a warning on two further deserialization weaknesses, CVE-2023-1139 (CVSS score: 8.8) and CVE-
Google's Threat Analysis Group (TAG) published a blog update on October 16, 2020, outlining how threats and threat actors are adapting their strategies in light. Similarly, GitHub was hit with a DDoS attack that clocked in at 1.35 terabits per second and lasted for roughly 20 minutes. According to GitHub, the traffic was traced back to “over a thousand different autonomous systems (ASNs) across tens of thousands of unique endpoints.” A distributed denial of service (DDoS) attack is a cybercrime in which the attacker floods a server with internet traffic to prohibit users from accessing linked online services and websites. It is a brute-force attempt to slow down or fully crash a server. https://portswigger.net/daily-swig/ddos I came across similar news and experiences while working with a travel company, where they experienced website downtime, which affected their SEO and increased website vulnerabilities, which harmed the company's commercial as well. As a result, they took too long to
From the abstract: Deep learning models are often trained on distributed, webscale datasets crawled from the internet. In this paper, we introduce two new dataset poisoning attacks that intentionally introduce malicious examples to a model's performance. Our attacks are immediately practical and could, today, poison 10 popular datasets. Our first attack, split-view poisoning, exploits the mutable nature of internet content to ensure a dataset annotator's initial view of the dataset differs from the view downloaded by subsequent clients. By exploiting specific invalid trust assumptions, we show how we could have poisoned 0.01% of the LAION-400M or COYO-700M datasets for just $60 USD. Our second attack, frontrunning poisoning, targets web-scale datasets that periodically snapshot crowd-sourced content -- such as Wikipedia -- where an attacker only needs a time-limited window to inject malicious examples. In light of both attacks, we notify the maintainers of each affected dataset and reco
Details about the just released strategy from the White House, with some good explanation of the key points: https://www.weforum.org/agenda/2023/03/us-national-cybersecurity-strategy/
- Defend critical infrastructure
- Disrupt and dismantle threat actors
- Shape market forces to drive security and resilience
- Invest in a resilient future
- Forge international partnerships to pursue shared goals

It’s a good time to be in the cybersecurity industry, and hopefully about to be a bad time for the bad actors!
https://www.darkreading.com/risk/1-in-4-cisos-will-leave-cybersecurity-by-2025 Looks like the shortage of talent is just going to get worse as the ones currently working get burned out and move to another career. What’s your level of burnout and how seriously have you considered switching careers?
Over the weekend, General Bytes disclosed that customers' and the company's CASes had lost more than $1.5 million worth of bitcoin. An unidentified threat actor used this interface to upload and run a malicious Java application in order to pull off the heist. This threat actor did so by taking advantage of a previously unidentified vulnerability. The actor then took around 56 Bitcoin, or $1.5 million, from several hot wallets. 15 hours after becoming aware of the vulnerability, General Bytes patched it, but the losses were irrecoverable because of how cryptocurrencies operate. The hacker gained access to the company's database as a result of the attack, reading and decrypting API keys that are used to transmit money from hot wallets and exchanges and access cash there as well as download user names and password hashes. Then turn off 2FA. The General Bytes Cloud service and other GB ATM operators running their servers on Digital Ocean (our preferred cloud hosting provider) were among the C
A far-reaching, catastrophic cyber incident is at least somewhat likely to occur in the next two years, according to the Global Cybersecurity Outlook 2023, which polled 86% of business leaders and 93% of cybersecurity leaders. Furthermore, according to 43% of organizational leaders, a cyberattack is likely to have a significant negative impact on their firm in the next two years. Everyone is worried about cybersecurity, therefore it was given top priority at the most recent World Economic Forum Annual Meeting 2023 in Davos, Switzerland. The CEO of Cloudflare, Matthew Prince, stressed the seriousness of cyber insecurity at the gathering. Also, he stated that 2023 will be a busy year for cyberattacks. Throughout the conference, several executives reiterated his thoughts and worries. Many business executives place a strong emphasis on security, which means preventing cyberattacks on their company. Along with minimizing vulnerabilities, businesses and governments must make sure they can swif
Students and employees at Shoreline Community College were forced to switch to virtual work this week as a result of a ransomware attack. To deal with the inconvenience, the institution has purchased mobile hot spots, but there are not enough for everyone. In order to share developments and address concerns, campus spokesperson Cat Chiappa has hosted Zoom sessions and written emails. The college acknowledged the occurrence in a message to the public. If a ransomware assault at Shoreline Community College led to a data compromise of sensitive information, officials have not yet confirmed it. An educational institution in the Puget Sound region has experienced disruption twice this year as a result of questionable computer network activity. A joint warning about ransomware attacks from unscrupulous actors targeting the education sector was released by three federal agencies.
Due to the abundance of sensitive and confidential information law firms have, such as client information, trade secrets, intellectual property, and privileged legal correspondence, hackers-for-hire are specifically targeting them. Goals like financial gain through extortion, the theft of important data for a competitive edge, or even espionage, are what drive hackers. These hackers employ a range of tactics, including spear-phishing campaigns, social engineering ploys, exploit kits, and targeted attacks, to gain unauthorized access to law firms’ networks and systems. Implications of Data Breaches: Successful data breaches can result in severe consequences, including reputational damage, financial losses, regulatory penalties, and compromised client trust. Stolen data from law firms can be leveraged for further cybercriminal activities, such as identity theft, fraudulent transactions, or targeted attacks on clients. Proactive Threat Modeling: Law firms must prioritize robust cybersecurity me
In 2011, Marc Andreessen said “software is eating the world”. Today, it could be said that digital transformation is eating the organization as many upgrade their infrastructure at a furious pace. It would be difficult to find a company today that isn’t impacted in some way by digital transformation. In fact, 75% of organizations have made significant strides to upgrade their infrastructure just in the last year alone. And a big part of that is application security and the move to the cloud. “In today’s rapidly evolving landscape of web application security, organizations are constantly striving to adapt and fortify their infrastructure, particularly with the rise of hybrid work environments.” But, there is a cost to all this transformation and the move to the cloud: an increased attack surface. In keeping with the numbers above, “67% of organizations have seen their attack surfaces grow in size over the past two years.” And what companies are quickly realizing is that infrastructure u
Cybersecurity is a constantly fought battle between those seeking to protect information and those trying to exploit it. One particularly complex and increasingly common form of attack is through social engineering, where criminals manipulate people to gain access to sensitive data. Today, we'll explore the most advanced version of this threat: Deepfakes. What are Deepfakes? Deepfakes, a fusion of "deep learning" and "fake," use artificial intelligence (AI) and machine learning (ML) to create convincing audio, video, or photographic content that mimics real individuals with precision. Initially, deepfakes became well known in the entertainment and media industry, but their implications for cybersecurity are far more concerning. Cybercriminals have quickly adopted deepfake technology, giving rise to a form of phishing called "deepfake phishing." Traditional phishing involves sending fake emails that appear genuine, tricking victims into revealing sensitive information. Deepfake phishing
Court officials reported Thursday that hackers had targeted the computer network of the Wisconsin court system. Court officials released a statement saying that a hack started early this week. Network users might have encountered patchy service or slower-than-usual response times from online services, according to court officials. When asked explicitly when the attack started and whether it was still going on, courts spokesman Tom Sheehan said in an email that he was unaware of any new information. The message implied that the attack was still going on Thursday afternoon by advising lawyers or self-represented litigants who might have trouble electronically filing documents to get in touch with the clerk of court in their particular counties. In this attack, no data was compromised as a result of the incident, and court business is proceeding normally across the state. The major issue caused by the cyberattack was poor service or longer than usual response times.
Researchers from the Polish CERT team published this fascinating blog on their attempts to narrow the search space and brute force Phobos ransomware using GPUs for parallel processing: https://cert.pl/en/posts/2023/02/breaking-phobos/ Discussion from Hacker News: https://news.ycombinator.com/item?id=34923842 My favorite part is their estimate of how a network the size of Bitcoin could make short work of the search space: 2**67 sha256 invocations is still a lot, but it's getting manageable. For example, this is coincidentally almost exactly the current BTC hash rate. This means, if the whole BTC network was repurposed to decrypting Phobos victims instead of pointlessly burning electricity, it would decrypt one victim per second
Trend Micro Incorporated, a global cybersecurity leader, today announced a massive 55% increase in overall threat detections in 2022 and a 242% surge in blocked malicious files, as threat actors indiscriminately targeted consumers and organizations across all sectors. To read a full copy of the report, Rethinking Tactics: 2022 Annual Cybersecurity Report, please visit: https://documents.trendmicro.com/assets/rpt/rpt-rethinking-tactics-annual-cybersecurity-roundup-2022.pdf
https://www.bleepingcomputer.com/news/security/fbi-is-investigating-a-cybersecurity-incident-on-its-network/ From the article: The U.S. Federal Bureau of Investigation (FBI) is reportedly investigating malicious cyber activity on the agency’s network. The federal law enforcement agency says it already contained the "isolated incident" and is working to uncover its scope and overall impact. "The FBI is aware of the incident and is working to gain additional information," the U.S. domestic intelligence and security service told BleepingComputer. "This is an isolated incident that has been contained. As this is an ongoing investigation the FBI does not have further comment to provide at this time." -- In other news, there’s an iOS zero day out, so make sure you update your iDevices: https://thehackernews.com/2023/02/patch-now-apples-ios-ipados-macos-and.html
Ever questioned the safety of your data as it floats in the cloud? With the increasing prevalence of cloud-based operations, ensuring robust cybersecurity has never been more crucial. In the ever-evolving digital landscape, it is imperative to grasp the fundamental nature of cloud security and its pivotal role in safeguarding sensitive information. Cloud Security and its Significance The concept of cloud security revolves around a spectrum of technologies, services, and practices meticulously designed to shield cloud-based data, applications, and infrastructure from potential cyber threats. Whether provided by the Cloud Service Provider (CSP) or managed by the customer, robust cloud security aims to prevent data loss and maintain compliance with stringent data privacy regulations. The migration of systems to the cloud poses both remarkable opportunities and profound challenges. Cybersecurity emerges as a critical concern, given the evolving threat landscape. The implications of compro
Visit any news site and you’re bound to see a story about another data breach. Retail, manufacturing, finance and healthcare, no industry is spared. Verizon, Target, Equifax, SolarWinds, some of the largest and best-known companies have been victimized. According to the Identity Theft Resource Center (ITRC), since 2005, only the full years of 2017, 2021 and 2022 have exceeded the compromises in the first half of 2023. In other words, we’re now experiencing more data breaches in six months than we had previously in most years. As a consequence, data compromises are on track to set a new record in 2023. And the cost of a data breach, that’s getting worse too. According to IBM, the average per record (per capita) cost of a data breach increased by 10.3 percent from 2020 to 2021. Meanwhile, the average total cost for a healthcare breach increased from $7.13 million in 2020 to $9.23 million in 2021, a 29.5 percent increase. All of this raises an obvious question. Since every industry and ev
OKTA announces new identity verification functionality for Zoom video conferencing and collaboration
OKTA, the top independent identity provider, has introduced a new identity verification tool for Zoom meetings that makes use of Okta to validate a conference attendee's identity by email (E2EE). By using this identity authentication and attestation, which is enabled by Okta, you may determine for yourself whether a meeting participant is who they claim to be. All of Zoom's paid users have access to Okta Authentication for E2EE. In the Security tab of the Zoom Web Portal, account administrators for Zoom can enable Okta Authentication for E2EE. A meeting participant can authorise sharing of their identity by turning on the feature in their personal settings after the Zoom account admin has enabled it. Check out the press release at https://www.cxotoday.com/press-release/okta-announces-new-identity-verification-feature-for-zoom-video-conferencing-and-collaboration/ to learn more.
This new report showing how the Android ecosystem is plagued with malicious apps is very concerning. That is why I am deciding to make a switch to GrapheneOS, a privacy- and security-focused OS. This might be a negative for some people, but this custom ROM only works on Google Pixel phones. The reason is that Pixel devices have the best physical security (till now) of any hand-held device, and since they are from Google they support alternate OSes and allow them full use of and access to all the hardware security features. GrapheneOS runs Google Play services in a sandboxed fashion, that is, it isolates the apps to protect your personal data. Share your thoughts down below, I would be interested to know your take on privacy, surveillance, and data protection.