Information

06 Jun

MOVEit zero-day exploit used by data breach gangs: The how, the why, and what to do…

Information

by Paul Ducklin Last week, Progress Software Corporation, which sells software and services for user interface development, devops, file management and more, alerted customers of its MOVEit Transfer and related MOVEit Cloud products about a critical vulnerability dubbed CVE-2023-34362. As the name suggests, MOVEit Transfer is a system that makes it easy to store and share files throughout a team, a department, a company, or even a supply chain. In its own words, “MOVEit provides…

Read More
06 Jun

Chrome zero-day: “This exploit is in the wild”, so check your version now

Information

by Paul Ducklin Google’s latest Chrome update is out, and this time the company hasn’t minced its words about one of the two security patches it includes: Google is aware that an exploit for CVE-2023-3079 exists in the wild. There’s no two-degrees-of-separation verbiage, as we’ve often seen from Google before, to say that the company “is aware of reports” of an exploit. This time, it’s “we are aware of it all by ourselves”, which translates…

Read More
06 Jun

KeePass Update Patches Vulnerability Exposing Master Password

Information, News

Open source password manager KeePass was updated over the weekend to patch a vulnerability allowing attackers to retrieve the cleartext master password from a memory dump. Tracked as CVE-2023-32784 and impacting KeePass 2.x versions, the issue is related to the custom-developed textbox used for password entry, which creates a leftover string in memory for each character that the user types. An attacker can use a KeePass process dump, a hibernation file, a swap file, or…

Read More
05 Jun

What if the Current AI Hype Is a Dead End?

Information, News

As I discussed in my previous column on Cybersecurity Futurism for Beginners, we are applying methods and approaches commonly used in future studies, especially horizon scanning and scenario planning, to explore future scenarios for how AI such as LLM’s may impact security operations going forward. To quickly rehash, horizon scanning is not strictly speaking about predicting the future. Rather, it’s about the early detection of weak signals to identify drivers of emerging trends. We’re not…

Read More
03 Jun

Insider Q&A: Artificial Intelligence and Cybersecurity In Military Tech

Information, News

Josh Lospinoso’s first cybersecurity startup was acquired in 2017 by Raytheon/Forcepoint.. His second, Shift5, works with the U.S. military, rail operators and airlines including JetBlue. A 2009 West Point grad and Rhodes Scholar, the 36-year-old former Army captain spent more than a decade authoring hacking tools for the National Security Agency and U.S. Cyber Command. Lospinoso recently told a Senate Armed Services subcommittee how artificial intelligence can help protect military operations. The CEO/programmer discussed the subject with…

Read More
03 Jun

API security in the spotlight – Week in security with Tony Anscombe

Information

Given the reliance of today’s digital world on APIs and the fact that attacks targeting them continue to rise sharply, API security cannot be an afterthought. Given the increasing reliance of today’s digital world on APIs and the fact that cyberattacks targeting them continue to rise sharply, API security cannot be an afterthought. Here is how a poorly protected application programming interface creates security risks, what the main API security risks are, and what organizations…

Read More
03 Jun

In Other News: Government Use of Spyware, New Industrial Security Tools, Japan Router Hack 

Information, News

SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless crucial for a comprehensive understanding of the cybersecurity landscape. Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and…

Read More
02 Jun

S3 Ep137: 16th century crypto skullduggery

Information

by Paul Ducklin IT’S HARDER THAN YOU THINK No audio player below? Listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found. Or just drop the URL of our RSS feed into your favourite podcatcher. READ THE TRANSCRIPT DOUG.  Password manager cracks, login bugs, and Queen Elizabeth I versus…

Read More
02 Jun

Researchers claim Windows “backdoor” affects hundreds of Gigabyte motherboards

Information

by Paul Ducklin Researchers at firmware and supply-chain security company Eclypsium claim to have found what they have rather dramatically dubbed a “backdoor” in hundreds of motherboard models from well-known hardware maker Gigabyte. In fact, Eclypsium’s headline refers to it not merely as a backdoor, but all in uppper case as a BACKDOOR. The good news is that this seems to be a legitimate feature that has been badly implemented, so it’s not a backdoor…

Read More
02 Jun

Information of 2.5M People Stolen in Ransomware Attack at Massachusetts Health Insurer

Data Breaches, Information, News

Point32Health, the second-largest health insurer in Massachusetts, is in the process of informing more than 2.5 million individuals that their personal and protected health information was stolen in a recent ransomware attack. Identified on April 17 and initially disclosed on April 20, the attack impacted systems related to Point32Health’s Harvard Pilgrim Health Care, and resulted in the exfiltration of data pertaining to both current and former health plan subscribers and dependents. Between March 28 and…

Read More