A CISO’s guide to cloud security


To secure enterprise assets in the cloud, CISOs must address several challenges previously unseen in traditional IT and on-premises data centers. This whitepaper explores the key strategies to secure your enterprise cloud infrastructure from cyber threats. 

Cloud migration has many benefits, including virtual storage and virtual network support. However, cloud storage and infrastructure also add complexity to network security, and these unique cloud dynamics call for future-proof solutions to ensure that assets remain adequately protected.

Cloud security has far-reaching implications for organizational success. A cloud security maturity model can help business leaders to benchmark and assess their organization’s security evolution. Securing cloud infrastructure can have a number of enterprise-wide positive effects including reducing security risks, lowering your security budget and reducing the likelihood of a cyber security incident.

Download this whitepaper to learn:

  • How to transform cloud security challenges into business opportunities. 
  • Where your organization fits into the cloud security maturity model. 
  • The six cloud security strategies to harden your enterprise cloud infrastructure. 


Malware Campaigns Abusing Telegram Bots to Spread Rapidly


Numerous updates and alterations were witnessed in the major malware families employed in phishing scams during the first quarter of 2023, alongside significant variations in tactics, techniques and procedures (TTPs).

The Cofense Intelligence team has recently published Active Threat Reports, which provide insights into the latest malicious email threats; these reports are based on the team's own observations and analysis of the threats.

During the first quarter (Q1), a substantial increase has been observed in Active Threat Reports, with a 20% increase compared to the previous quarter and a 34% increase compared to Q1 of the previous year.

Malware Campaigns Abusing Telegram Bots

During Q1 of 2023, there has been a significant surge in evasive, malicious campaigns that exploit Telegram bots.

The volume of these attacks has increased dramatically, surpassing the volume of Q4 2022 by a staggering 397% and exceeding the entire volume of attacks witnessed in 2022 by 310%.

The volume of credential phishing attacks observed in the current quarter has been highly unstable and witnessed a sharp rise of 527%. 

Compared to the same period last year (Q1 2022), the overall increase in credential phishing attacks is significant, amounting to a rise of 40%.

Despite the significant volume of dissemination, Emotet failed to reach inboxes as frequently as Qakbot, making Qakbot the most successful malware family in terms of reaching inboxes. 

In fact, Qakbot reached inboxes 185% more often than Emotet during the period under observation. During Q1, threat actors have been observed experimenting with various combinations of delivery mechanisms. 

Notably, OneNote files saw increased use as a common delivery mechanism for threats. This indicates threat actors' continued efforts to refine their methods and evade detection.

The inclusion of YouTube in the list of Top 10 .com domains being exploited by threat actors came as a surprise. 

These actors were observed using open redirects on youtube.com to direct victims toward phishing pages, which is a cause for concern.

Cofense Intelligence conducts a quarterly analysis of credential phishing emails that successfully bypass Secure Email Gateways (SEGs) and reach users’ environments.

This analysis is crucial in identifying the latest tactics and techniques employed by threat actors and helps organizations better protect their users from phishing attacks.


Twitter may let you add pictures to your long tweets


As turbulent as things are with Twitter Blue and its perks, we can’t say that the platform is not adding more features to the subscription service. Not too long ago, Twitter increased the character limit to a whopping 10,000 per tweet. Now, according to a new report, Twitter may eventually let you add pictures in the middle of your long tweets.

Twitter has been increasing the current limit for tweets over the past several years, but it really exploded in just the past year. After Elon Musk took over, the character limit jumped up from 280 to 4,000 characters. After that, it increased again to 10,000 characters. Why write a hot take when you can write a full article?

Not only that, but Twitter also allows Blue users to use bold and italic fonts for their tweets. This all lets people add a lot more personality to their tweets rather than having to cut them short. While all the drama is still going on with the blue check mark, this is at least a little bit of good news.

Twitter may let you add pictures in the middle of your long tweets

This information comes to us from Jane Manchun Wong on Twitter. The tweet has a screenshot of a tweet actively being written. In it, we see a couple of images being pasted directly into the tweet with text in between them.

So, your tweets will probably resemble actual blog posts rather than short thoughts. Looking at the interface itself, it almost appears to have been taken from a computer rather than a smartphone. We’ll have to wait and see if that’s the case. If so, then this feature may be available to desktop users before mobile users.

On the bottom right-hand corner of the top image, we see the edit icon, which means that you will also be able to edit your pictures just like with regular tweets.

Right now, there’s no telling when or if this feature will ever make it to the public. Twitter is currently operating with a heavily diminished crew and with a ton of drama overhead. We will just have to wait and see what happens.



New Atomic macOS malware can steal your iCloud Keychain passwords


macOS is generally regarded as a more secure operating system when compared to Windows, thanks in part to Apple’s stringent control over installing third-party apps and other safety measures. However, a new report from Cyble Research & Intelligence Labs suggests otherwise, as threat actors are now selling a new malware called ‘Atomic’ or ‘AMOS’ through private Telegram channels for a monthly subscription of $1,000.

The report describes Atomic as a sophisticated malware packaged in a DMG file containing a 64-bit Go-based program. And for the price, subscribers also get a set of comprehensive tools to steal information from the victim. These tools include a ready-to-use web panel for managing victims, a MetaMask brute-forcer, a cryptocurrency checker, a DMG installer, and the ability to receive stolen logs on Telegram.

How does the malware work?

Once installed and executed, the malware displays a fake password prompt on the victim’s Mac to obtain the system password and gain privileges on the machine. Then it extracts the Keychain password and proceeds to steal information from cryptocurrency wallets, wallet extensions, web browsers, system information, and files stored on the Desktop. After gathering all the information, the malware zips the stolen data and sends it to the threat actor’s command and control server.

To make matters worse, many antivirus engines did not flag Atomic as malware, emphasizing the need for improved detection methods for macOS malware, and threat actors are also updating the malware regularly to evade detection.

How to stay protected?

To keep your Mac protected from malware, it is essential to take some necessary precautions, including not downloading apps or software from third-party app stores, using strong passwords and 2FA, enabling biometric security features such as Touch ID, not opening suspicious links in emails, keeping devices up to date, and using good antivirus software. As macOS gains more popularity, it’s now more important than ever for users to stay vigilant.


Card Skimmers and ATMs Used to Drain EBT Accounts in SoCal


Thirteen people have been arrested for allegedly stealing millions of dollars from low-income Southern California residents, according to the Los Angeles Police Department.

The suspects are accused of using card skimmers and ATMs to drain electronic benefit transfer (EBT) accounts, which are used to pay for food through the Supplemental Nutrition Assistance Program (SNAP).

The police department received a community tip on April 25 about fraud and identity theft suspects residing at a Van Nuys motel on the 4700 block of Sepulveda Boulevard. Following a search warrant, authorities recovered skimming devices, card readers, a large number of false identification cards and documents, and $36,062 in cash.

Investigators believe that the suspects may be part of a Romanian syndicate known to “target persons experiencing economic hardship for their EBT cards.” The group allegedly stole millions of dollars every month from Californians with EBT accounts.

According to LAPD’s press release, the investigation is ongoing. However, this is not the first time such a crime has been committed in the area. Back in March 2023, 15 suspected Romanian nationals were also arrested for stealing over $38 million from low-income SoCal families.

The suspects stole funds disbursed through CalWORKs and CalFresh programs using cloned EBT cards from skimming devices at ATMs.


New BGP Protocol Flaws Let Attackers Trigger DoS Attacks


Forescout Vedere Labs recently highlighted the neglected BGP security aspect – software implementation vulnerabilities.

FRRouting’s BGP message parsing vulnerabilities discovered by Forescout Vedere Labs could enable attackers to trigger a DoS state on susceptible BGP peers.

Major networking vendors depend on software suites that implement BGP, which are widely used online. 

What is BGP?

The internet’s primary routing protocol is BGP, and large data centers frequently use BGP for internal traffic routing, while BGP extensions like MP-BGP are extensively implemented for MPLS L3 VPNs.

Organizations should avoid relying solely on their Internet Service Providers (ISPs) to ensure BGP security. It appears that attackers can still exploit easily accessible vulnerabilities in current BGP implementations.

By enabling the exchange of routing and reachability information, BGP facilitates the interaction of autonomous systems (ASes), which are sets of leased IP addresses allocated to organizations by registrars for a specific period.

A BGP failure may make an AS unreachable, as others cannot route packets to it. A threat actor may abuse a BGP setting to reroute network traffic in an unintended direction.

Vulnerabilities

An analysis was conducted by security analysts using both manual analysis methods and fuzzing techniques to assess the following seven popular BGP implementations:-

  • FRRouting (Open-source)
  • BIRD (Open-source)
  • OpenBGPd (Open-source) 
  • Mikrotik RouterOS (Closed-source)
  • Juniper JunOS (Closed-source)
  • Cisco IOS (Closed-source)
  • Arista EOS (Closed-source)

Analysts discovered three previously unknown vulnerabilities in Free Range Routing (FRRouting) version 8.4, released November 7th, 2022.

Here below, we have mentioned the complete flaw profile of the detected vulnerabilities:-

  • CVE ID: CVE-2022-40302
  • Description: Out-of-bounds read when processing a malformed BGP OPEN message with an Extended Optional Parameters Length option.
  • CVSSv3.1: 6.5
  • Potential Impact: DoS

  • CVE ID: CVE-2022-40318
  • Description: Out-of-bounds read when processing a malformed BGP OPEN message with an Extended Optional Parameters Length option. This is a different issue from CVE-2022-40302.
  • CVSSv3.1: 6.5
  • Potential Impact: DoS

  • CVE ID: CVE-2022-43681
  • Description: Out-of-bounds read when processing a malformed BGP OPEN message that abruptly ends with the option length octet (or the option length word, in case of an OPEN with extended option lengths message).
  • CVSSv3.1: 6.5
  • Potential Impact: DoS
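All three flaws above are out-of-bounds reads in OPEN message parsing: the code trusts a length field before confirming the bytes it describes are actually present. As an added illustration (not FRRouting's code and not Forescout's tool), the C parser below walks a BGP OPEN with a bounds check ahead of every read, so a message that stops at the option length octet, or a parameter whose declared length exceeds the remaining bytes, is rejected instead of read past the buffer. It follows the OPEN layout from RFC 4271 and the extended optional parameters length encoding from RFC 9072 as I understand it (Opt Parm Len 255 followed by parameter type 255, then a 2-byte length); the sample messages, the AS number, hold time and router ID in them are constructed for this example, not captured traffic.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define BGP_HEADER_LEN   19    /* 16-byte marker + 2-byte length + 1-byte type */
#define BGP_MAX_MSG_LEN  4096
#define BGP_TYPE_OPEN    1
#define BGP_OPEN_FIXED   10    /* version(1) my_as(2) hold_time(2) bgp_id(4) opt_parm_len(1) */

enum open_status { OPEN_OK = 0, OPEN_TRUNCATED = -1, OPEN_BAD_TYPE = -2, OPEN_BAD_LENGTH = -3 };

struct bgp_open {
    uint8_t  version;
    uint16_t my_as;
    uint16_t hold_time;
    uint32_t bgp_id;
    long     param_count;   /* optional parameters successfully walked */
    int      extended;      /* 1 if the RFC 9072 extended length encoding was used */
};

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t rd32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}

/* Parse one BGP OPEN held in buf[0..len). Every read is preceded by a check
 * that the bytes exist inside the message, so a message that stops at an
 * option length octet, or a parameter whose length runs past the end, is
 * rejected rather than read out of bounds. */
int parse_bgp_open(const uint8_t *buf, size_t len, struct bgp_open *out)
{
    memset(out, 0, sizeof *out);
    if (len < BGP_HEADER_LEN) return OPEN_TRUNCATED;
    if (buf[18] != BGP_TYPE_OPEN) return OPEN_BAD_TYPE;

    size_t msg_len = rd16(buf + 16);
    if (msg_len < BGP_HEADER_LEN + BGP_OPEN_FIXED || msg_len > BGP_MAX_MSG_LEN) return OPEN_BAD_LENGTH;
    if (msg_len > len) return OPEN_TRUNCATED;       /* header promises more bytes than we were given */

    const uint8_t *p   = buf + BGP_HEADER_LEN;
    const uint8_t *end = buf + msg_len;             /* safe to trust only after the check above */
    out->version   = p[0];
    out->my_as     = rd16(p + 1);
    out->hold_time = rd16(p + 3);
    out->bgp_id    = rd32(p + 5);
    size_t opt_len  = p[9];
    size_t len_size = 1;                            /* width of each parameter's length field */
    p += BGP_OPEN_FIXED;

    /* RFC 9072 (as assumed here): Opt Parm Len 255 followed by parameter type 255
     * means a 2-byte Extended Opt Parm Len follows and parameters carry 2-byte lengths. */
    if (opt_len == 255 && (size_t)(end - p) >= 3 && p[0] == 255) {
        opt_len  = rd16(p + 1);
        p       += 3;
        len_size = 2;
        out->extended = 1;
    }
    if (opt_len != (size_t)(end - p)) return OPEN_BAD_LENGTH;   /* parameters must fill the message exactly */

    while (p < end) {
        if ((size_t)(end - p) < 1 + len_size) return OPEN_TRUNCATED;   /* type + length must be present */
        size_t plen = (len_size == 1) ? p[1] : rd16(p + 1);
        p += 1 + len_size;
        if (plen > (size_t)(end - p)) return OPEN_TRUNCATED;           /* value would overrun the message */
        p += plen;
        out->param_count++;
    }
    return OPEN_OK;
}

/* Constructed sample messages (not captured traffic): AS 64488, hold time 180,
 * router ID 10.0.0.1, one Capabilities parameter carrying MP-BGP IPv4 unicast. */
#define MARKER 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
const uint8_t open_ok[] = { MARKER, 0x00,0x25, 0x01,
    0x04, 0xFD,0xE8, 0x00,0xB4, 0x0A,0x00,0x00,0x01, 0x08,
    0x02,0x06, 0x01,0x04,0x00,0x01,0x00,0x01 };
/* Same OPEN, but the message ends right after the parameter type and length octet. */
const uint8_t open_cut_at_len[] = { MARKER, 0x00,0x1F, 0x01,
    0x04, 0xFD,0xE8, 0x00,0xB4, 0x0A,0x00,0x00,0x01, 0x02,
    0x02,0x06 };
/* Extended-length encoding: Opt Parm Len 255, type 255, 2-byte length 9, 2-byte parameter length. */
const uint8_t open_ext_ok[] = { MARKER, 0x00,0x29, 0x01,
    0x04, 0xFD,0xE8, 0x00,0xB4, 0x0A,0x00,0x00,0x01, 0xFF,
    0xFF, 0x00,0x09, 0x02,0x00,0x06, 0x01,0x04,0x00,0x01,0x00,0x01 };
/* Extended encoding whose parameter claims 256 bytes while only 6 remain. */
const uint8_t open_ext_bad_len[] = { MARKER, 0x00,0x29, 0x01,
    0x04, 0xFD,0xE8, 0x00,0xB4, 0x0A,0x00,0x00,0x01, 0xFF,
    0xFF, 0x00,0x09, 0x02,0x01,0x00, 0x01,0x04,0x00,0x01,0x00,0x01 };

/* Thin wrappers so a caller can check results without handling the struct. */
int open_status_of(const uint8_t *buf, size_t len) {
    struct bgp_open o; return parse_bgp_open(buf, len, &o);
}
long open_param_count(const uint8_t *buf, size_t len) {
    struct bgp_open o; return parse_bgp_open(buf, len, &o) == OPEN_OK ? o.param_count : -1;
}
int open_is_extended(const uint8_t *buf, size_t len) {
    struct bgp_open o; return parse_bgp_open(buf, len, &o) == OPEN_OK ? o.extended : -1;
}
```

The two rules that matter are the same in both encodings: the header length is only trusted once it is known to fit the bytes received, and a parameter's length is only trusted once it is known to fit the bytes left before `end`. A parser that applies both never reads beyond the buffer it was handed, whatever a peer sends.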

In 2016, FRRouting was created by developers from multiple commercial organizations by forking Quagga, another open-source project. FRRouting is now employed by major vendors, including nVidia Cumulus, and utilized by large organizations like:-

  • PayPal
  • Yahoo
  • Dutch National Police

Apart from this, Amazon supports DENT, and Microsoft supports SONiC, which is employed in some routers from Juniper.

If malformed packets are sent repeatedly, the DoS condition can last indefinitely. Almost 1,000 of the 330,000 internet-exposed hosts with BGP enabled respond to unsolicited BGP OPEN messages.

It should be noted that most of the BGP hosts reside in the following countries:-

  • China (close to 100,000)
  • The US (50,000)
  • The UK (16,000)

A new open-source tool has been released (https://github.com/Forescout/bgp_boofuzzer/) by cybersecurity researchers for organizations to assess the security of their internally used BGP suites. Further, this tool can be used to discover new vulnerabilities in BGP implementations by cybersecurity researchers.

Several scripts ship with the tool to demonstrate how it can be used to test for the vulnerabilities found, along with proof-of-concept cases for:-

  • BGP OPEN
  • UPDATE
  • ROUTE REFRESH
  • NOTIFICATION messages

Recommendation

Patching network infrastructure devices frequently is the most effective recommendation to minimize the risks associated with vulnerable BGP implementations like the ones discovered in FRRouting.

Maintaining an updated asset inventory that monitors the networking devices and software versions running on them is crucial to achieving this objective.


Twitter allows free access to its API for critical use cases


Twitter has restored free access to its API for some public institutions. The company says verified government and publicly-owned services that use the tool for critical purposes such as weather alerts, transport updates, and emergency notifications will get free access to it. “One of the most important use cases for the Twitter API has always been public utility,” the social network said in a tweet announcing this policy change. It blocked free API access for all in early April.

Twitter restores free API access for some public institutions

Twitter has undergone numerous changes since Elon Musk took over the company in October last year. Most notably, the social network removed legacy verified checkmarks and blocked free access to its API. Both of these changes took effect last month, though the firm had been preparing for them for a long time. It abruptly blocked several third-party Twitter clients in mid-January citing API rules. The company said developers would need to pay for API access.

The paid version of Twitter API was supposed to arrive in February but was delayed until late March. The firm eventually launched three tiers, including a Free tier. However, the new free version offers very little. It is limited to “write-only use cases and testing the Twitter API”. It allows a maximum of 1,500 tweets per month and one app ID. The $100 per month “Basic” tier, meanwhile, is ideal for “hobbyists or prototypes,” Twitter said. It also comes with fixed caps on tweets.

Finally, for “businesses and scaled commercial projects,” Twitter offers an “Enterprise” tier of its API with varying monthly subscription plans. Depending on the individual use case, it can cost tens of thousands of dollars. A week or so after launching the paid version, the company blocked access to the existing free version of its API. Unsurprisingly, the cost of the Enterprise tier was too much for some developers, forcing them to shut down their projects. The Free and Basic tiers, meanwhile, didn’t offer enough resources to keep them alive.

While Twitter won’t backtrack on this decision, it has shown leniency for public institutions. Services that use its API for communicating emergency information and other critical purposes would get back free access. But for everyone else, it’s a choice between paying the company or stopping using its full API suite. Microsoft has already refused to pay and removed Twitter from its social media tool for advertisers.


Dimensity 9200+ could be the most powerful Android SoC yet


MediaTek is all set to launch a new flagship smartphone chipset next week. The Dimensity 9200+ will debut on May 10 as an overclocked version of last year’s Dimensity 9200, filling in the gap until the company comes up with its next-gen solution Dimensity 9300 later this year. Ahead of its unveiling, an alleged Geekbench score sheet of the new chipset has surfaced online revealing that it will be the most powerful processor for Android. It comfortably outperformed the current leader, Qualcomm’s Snapdragon 8 Gen 2 launched in November last year.

The Dimensity 9200+ scored 2,121 points in the single-core test and 5,655 points in the multi-core test on Geekbench 6. As GSMArena puts it, these scores are “considerably more” than what the Snapdragon 8 Gen 2 has achieved so far. The latter’s highest single-core and multi-core scores on Geekbench are 1,992 and 5,641, respectively. It achieved those scores with ASUS’ upcoming gaming smartphone ROG Phone 7 Ultimate. The device had the performance X Mode turned on, which pushes the CPU to its limit to ensure smooth gaming performance.

The new MediaTek chipset, on the other hand, managed to beat the latest Qualcomm processor in standard mode with no performance boost at the CPU level. The Geekbench 6 score sheet of the Dimensity 9200+ is from a Vivo smartphone. It is probably the Vivo X90s or the Vivo X90s Pro. There are rumors of the Chinese firm working on a couple of new models in the X90 series with the upcoming MediaTek processor. ASUS may also launch a Dimensity 9200+ variant of the ROG Phone 7 Ultimate.

Dimensity 9200+ rumored specs

As said earlier, the Dimensity 9200+ will be a minor upgrade over last year’s Dimensity 9200. However, unlike in the past, MediaTek appears to be raising the CPU frequency across the board instead of just making the prime CPU core faster. The Cortex-X3 prime core reportedly operates at 3.35GHz on the new chipset, up from 3.05GHz. Likewise, the three Cortex-A715 performance cores get a frequency boost from 2.85GHz to 3.0GHz. The clock speed of the four Cortex-A510 efficiency cores is not known (1.8GHz on the Dimensity 9200).

Based on this Geekbench run, the Dimensity 9200+ is all set to reign the Android processor space for at least a few months as there’s no competition in the market. Rumors are that Qualcomm won’t launch a Snapdragon 8+ Gen 2 this year. It will go straight to the Gen 3 solution, which may arrive in late October 2023 with a clock speed of up to 3.7GHz. MediaTek will also launch the Dimensity 9300 around the same time. It remains to be seen which chip behemoth comes out on top.


T-Mobile Hacked – Attackers Accessed Over 37M Sensitive Data


T-Mobile recently confirmed another hack, the second this year and ninth since 2018, revealing customer data and account PINs.

T-Mobile confirmed that a recent system detection revealed a threat actor had accessed a small number of accounts, compromising limited information.

836 customers were affected by the intrusion, which commenced on February 24 and continued till March 30.

Once T-Mobile discovered the breach on March 27, they reset the account PINs that customers use to authorize SIM card swaps and other critical account changes.

Types of Data Involved

Here below, we have mentioned the types of data involved:-

  • Full name
  • Contact information
  • Account number
  • Associated phone numbers
  • T-Mobile account PIN
  • Social security number
  • Government ID
  • Date of birth
  • Balance due
  • Email addresses
  • Internal codes
  • Billing addresses

What Happened?

T-Mobile’s security measures worked as intended in March 2023, alerting them to unauthorized activity.

During late February through March 2023, a threat actor gained access to restricted data from a few T-Mobile accounts, as revealed by their security system.

This year’s second T-Mobile hack is the ninth security breach since 2018; in January, the misuse of a T-Mobile application programming interface (API) enabled threat actors to access 37 million customers’ data.

What Is T-Mobile Doing?

Despite having several safeguards to prevent unauthorized access, T-Mobile acknowledges the need to enhance its security measures continually. 

They take such incidents seriously, apologize for the breach, and are working towards improving the security of customers’ information.

T-Mobile reset their customers’ T-Mobile Account PIN to safeguard their accounts. Additionally, they provide free identity theft detection services and credit monitoring for two years through TransUnion’s myTrueIdentity.

Moreover, T-Mobile conducts a thorough investigation to understand unauthorized activity and improve its safeguards to prevent such incidents from happening again.

Recommendation

Here below, we have mentioned all the recommendations offered by T-Mobile:-

  • Review your account information as soon as possible to ensure everything is correct.
  • Make sure to update your PIN; if you need help updating your PIN, call 1-800-937-8997 or log into T-Mobile.com.
  • Monitoring the activity on the account is an important part of staying vigilant.
  • Take advantage of your free credit reports by monitoring them regularly.
  • Don’t forget to review your security settings for your email, financial account, and other accounts regularly.
  • Use T-Mobile’s security features like Account Takeover Protection, number transfer PINs, two-step verification, free scam protection with Scam Shield, SIM Protection, a security dashboard, and more.


A Twitter bug is forcing people out of their accounts


Twitter has gone through probably one of the most turbulent years since the platform’s inception, and it’s not getting better. There’s a new Twitter bug that’s randomly logging people out of their accounts, according to Downdetector.

Twitter is no stranger to bugs and outages. In fact, no social media platform is immune to these types of things. In Twitter’s case, this sort of calamity is not what the company needs at this point, as Elon’s Crusade continues.

A Twitter bug is logging people out of their accounts

This seems to be a bit random, as most of the people affected are using Twitter on the desktop. So, this might be mostly specific to that platform. An Android Headlines user was affected by this bug on the Twitter website; however, their account was accessible from the app.

People are, unfortunately, being logged out of their accounts for no apparent reason. What makes the situation worse is that they’re having trouble logging back in. When trying to access the Twitter login page, these unfortunate users keep being redirected to the sign-in page. After a while, they usually will just be sent to the Twitter homepage.

This is an extremely frustrating issue to have. At this point, Twitter has yet to acknowledge this issue, but we hope that the company does soon. In any case, if you are having trouble logging into your Twitter account, then you may be stuck using your phone until it’s over.

Fortunately, issues like these tend to only last a few hours. So some of you may just want to sit tight and wait for the functionality to return. You may want to check back every so often and try logging into your Twitter account.

If Twitter is slow to act on this, it may be understandable seeing as the company is dealing with yet another bug on the platform. This bug seems to arbitrarily reassign the verification check mark to legacy accounts after taking them away not too long ago. This is temporary, so if your check mark was returned, it may very well disappear again.
