lemmydev2

 

Attackers are focusing more on stealing identities. Because of this, companies need to use zero trust principles. They should also verify user identities more carefully, says DirectDefense. Researchers analyzed thousands of alerts, mapping them to the MITRE ATT&CK framework, a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. Top five attack tactics. Initial access: Initial access remains the most frequently-observed adversarial tactic, representing more than 27% of escalated alerts. In 2024, … The post Cybercriminals blend AI and social engineering to bypass detection appeared first on Help Net Security.

 

Nearly 9 in 10 apps tested by Zimperium used encryption that did not adhere to best practices.

 

Researchers have uncovered the true identity of servers hosting one of the most notorious ransomware operations active today. The Medusa Ransomware Group, which has operated with relative anonymity through Tor hidden services, has had its cover blown through a sophisticated exploitation of vulnerabilities in their own infrastructure. This exposure represents a rare instance where cybercriminal […] The post Researchers Deanonymized Medusa Ransomware Group’s Onion Site appeared first on Cyber Security News.

 

Windows administrators from numerous organizations report widespread account lockouts triggered by false positives in the rollout of Microsoft Entra ID's new "leaked credentials" detection app called MACE. [...]

 

Phone theft is now commonplace in London. The Met Police recently revealed that it seizes 1,000 stolen phones weekly as it cracks down on organized criminal networks driving the £50 million trade. Nationally, cases have doubled to 83,900 annually. The real issue, though, isn’t the losing of a phone – it’s what happens next. Thieves are after the valuable digital assets inside the phone. With the proper access, a stolen phone becomes an all-access pass … The post The UK’s phone theft crisis is a wake-up call for digital security appeared first on Help Net Security.

 

arXiv:2404.04991v3. Abstract: The open-source software (OSS) ecosystem suffers from security threats caused by malware. However, OSS malware research has three limitations: a lack of high-quality datasets, a lack of malware diversity, and a lack of attack campaign contexts. In this paper, we first build the largest dataset of 24,356 malicious packages from online sources, then propose a knowledge graph to represent the OSS malware corpus and conduct malware analysis in the wild. Our main findings include (1) it is essential to collect malicious packages from various online sources because their data overlapping degrees are small; (2) despite the sheer volume of malicious packages, many reuse similar code, leading to a low diversity of malware; (3) only 28 malicious packages were repeatedly hidden via dependency libraries of 1,354 malicious packages, and dependency-hidden malware has a shorter active time; (4) security reports are the only reliable source for disclosing the malware-based context. Index Terms: Malicious Packages, Software Analysis

 

Massive Blue is helping cops deploy AI-powered social media bots to talk to people they suspect are anything from violent sex criminals all the way to vaguely defined “protesters.”

 

Two independent research teams have developed methods for hacking noisy quantum computers based on a row-hammer attack, a type of interference used to infiltrate traditional computers.

 

Google illegally monopolized some online advertising technology markets, according to a federal judge, whose ruling marked the latest antitrust setback for the company and a challenge to its main source of revenue.

 

Discord is testing the feature: “We’re currently running tests in select regions to age-gate access to certain spaces or user settings,” a spokesperson for Discord said in a statement. “The information shared to power the age verification method is only used for the one-time age verification process and is not stored by Discord or our vendor. For Face Scan, the solution our vendor uses operates on-device, which means there is no collection of any biometric information when you scan your face. For ID verification, the scan of your ID is deleted upon verification.”...

 

A set of 57 Chrome extensions with 6,000,000 users have been discovered with very risky capabilities, such as monitoring browsing behavior, accessing cookies for domains, and potentially executing remote scripts. [...]

 

An Indian disaster-relief flight delivering aid is the latest air-traffic incident, as attacks increase in the Middle East and Myanmar and along the India-Pakistan border.
