Category: esecurityplanet

John the Ripper: Password Cracking Tutorial and Review

John the Ripper is a popular password cracking tool that can be used to perform brute-force attacks using different encryption technologies and helpful wordlists. It’s often what pen-testers and ethical hackers use to find the true passwords behind hashes. This…

Open Source Security Index Lists Top Projects

Two venture investors have launched an index to track the most popular open source security projects. Chenxi Wang of Rain Capital and Andrew Smyth of Atlantic Bridge unveiled the Open Source Security Index last month. The website leverages GitHub application…

Hackers Use RMM Software to Breach Federal Agencies

Cybercriminals recently breached U.S. federal agencies using remote monitoring and management (RMM) software as part of a widespread campaign. The malicious campaign began in June 2022 or earlier and was detected a few months later, according to an advisory from…

10 Best Identity and Access Management (IAM) Solutions

Identity and Access Management (IAM) once helped IT departments in large enterprises to manage employees in Active Directory. In a modern IT environment IAM plays a far more critical role in authorizing geographically dispersed workforces as they connect to internal…

Threat Groups Distributing Malware via Google Ads

Security researchers are warning that Google Ads are being actively leveraged to distribute malware to unsuspecting victims searching for software downloads. On January 20, CronUp researcher Germán Fernández warned that the DEV-0569 ransomware group is using Google Ads to distribute…

How to Prevent Cross-Site Scripting (XSS) Attacks

Cross-site scripting attacks (XSS) are used to steal data and hijack browsing sessions so attackers can take action on a victim’s behalf. Attackers may use this opportunity to alter web pages, post on social accounts, initiate bank transfers or make…

Cybercriminals Use VSCode Extensions as New Attack Vector

Microsoft’s Visual Studio Code integrated development environment (IDE) is used by as much as 75% of developers, so any security issue has widespread implications. And Aqua Nautilus researchers have discovered a big one. The researchers reported earlier this month that…

10 Best Open-Source Vulnerability Scanners for 2023

Vulnerability assessment tools scan assets for known vulnerabilities, misconfigurations, and other flaws. These scanners then output reports for IT security and application development operations (DevOps) teams that feed prioritized tasks into ticketing and workflow systems for remediation. Open source vulnerability…

13 Best Intrusion Detection and Prevention Systems (IDPS)

Intrusion detection systems (IDS) and intrusion prevention systems (IPS) – often combined as intrusion detection and prevention (IDPS) – have long been a key part of network security defenses for detecting, tracking, and blocking threatening traffic and malware. With the…

20 Top Cybersecurity Companies for 2023

As the demand for robust security defense grows, the market for cybersecurity technology has exploded, as have the number of available solutions. To help you navigate this growing market, we provide our recommendations for the world’s leading cybersecurity technology providers,…

ChatGPT’s Dark Side: An Endless Supply of Polymorphic Malware

CyberArk researchers are warning that OpenAI’s popular new AI tool ChatGPT can be used to create polymorphic malware. “[ChatGPT]’s impressive features offer fast and intuitive code examples, which are incredibly beneficial for anyone in the software business,” CyberArk researchers Eran…

16 Best Digital Forensics Tools & Software

For everything from minor network infractions to devastating cyberattacks and data privacy troubles, digital forensics software can help clean up the mess and get to the root of what happened. Since the inception of data forensics almost forty years ago, methods…

Cybersecurity in the Metaverse Will Require New Approaches

Despite challenges faced by Meta and others, there remains optimism for the metaverse. The PwC 2022 U.S. Business and Consumer Metaverse Survey highlights this. The survey, which included over 5,000 consumers and 1,000 U.S. business leaders, shows that half of…

5 Trends in Patch Management

The post 5 Trends in Patch Management appeared first on eSecurityPlanet. This article has been indexed from eSecurityPlanet Read the original article: 5 Trends in Patch Management

Best Internet Security Software & Suites

12 Top Vulnerability Management Tools for 2023

Vulnerability management tools go well beyond patch management and vulnerability scanning tools by discovering security flaws in network and cloud environments and prioritizing and applying fixes. Many IT departments struggle to stay on top of security vulnerabilities, and many don’t…

Rackspace Breach Linked to New OWASSRF Vulnerability

Rackspace has acknowledged that it was hit by the Play ransomware a month ago in an attack that compromised customers’ Microsoft Exchange accounts. The attackers apparently leveraged a zero-day vulnerability called OWASSRF that was recently analyzed by CrowdStrike. In an…

The 22 Best Vulnerability Scanner Tools for 2023

Vulnerability scans play a critical role in protecting assets from attacker exploitation by identifying missing updates, misconfigurations, and other common security issues. Originally designed to test local networks and devices, vulnerability scanning tools have evolved to encompass the modern IT…

Security Outlook 2023: Cyber Warfare Expands Threats

After a year that saw massive ransomware attacks and open cyber warfare, the biggest question in cybersecurity for 2023 will likely be how much of those attack techniques get commoditized and weaponized. “In 2022, governments fought wars online, businesses were…

How to Prevent SQL Injection: 5 Key Methods

Most modern websites and applications connect to databases and the databases are programmed using Structured Query Language (SQL). SQL injection (SQLi) vulnerabilities arise when websites do not adequately screen, filter, or control the queries from the website, which permits attackers…

Top 12 Cybersecurity Training Courses for Your Employees

Despite all the advances in cybersecurity tools, employees remain the weak link in organizations’ digital armor. Fortunately, cybersecurity awareness training programs have grown in both number and sophistication, giving businesses a better chance to keep a single phishing email or…

Complete Guide to the Types of DDoS Attacks

Distributed denial-of-service (DDoS) attacks occur when attackers use a large number of devices to attempt to overwhelm a resource and deny access to that resource for legitimate use. Most commonly, we see DDoS attacks used against websites, applications, or services…

10 of the Best Patch Management Service Providers

Patch management services are becoming increasingly popular as the number of software and application vulnerabilities demanding fixes has overwhelmed IT and security teams. A major selling point of patch management services (and broader vulnerability management services) is that they reduce,…

Vulnerability Management as a Service: Top VMaaS Providers

There are 20,000 or more new software and hardware vulnerabilities every year. It falls to IT security teams to determine where those vulnerabilities lie in their organization and which ones they need to prioritize. That process can be overwhelming. Vulnerability…

ChatGPT: A Brave New World for Cybersecurity

Released on November 30, ChatGPT has instantly become a viral online sensation. In a week, the app gained more than one million users. Unlike most other AI research projects, ChatGPT has captivated the interest of ordinary people who do not…

Patch Tuesday Fixes Actively Exploited MOTW Vulnerability

Microsoft’s December 2022 Patch Tuesday includes fixes for over four dozen vulnerabilities, six of them critical – including a zero-day flaw in the SmartScreen security tool, CVE-2022-44698, that’s being actively exploited. Regarding that flaw, Microsoft observed, “An attacker can craft…

What is Patch Management?

Patch management is the consistent and repeatable process of distributing and implementing updates to software, typically to address security and functionality issues. While difficult to get right, patch management is one of the most critical cybersecurity practices, and thus worth…

Zero-Day Flaws Found in Several Leading EDR, AV Solutions

SafeBreach Labs researcher Or Yair has uncovered zero-day vulnerabilities in several leading endpoint detection and response (EDR) and antivirus (AV) solutions that enabled him to turn the tools into potentially devastating next-generation wipers. “This wiper runs with the permissions of…

9 Best DDoS Protection Service Providers for 2023

When trying to defend your organization against DDoS attacks, one of the more potent tools in your arsenal is access to DDoS protection service providers. With DDoS protection services, your organization’s websites can stay safe through tactics like the clean…

What Is a Distributed Denial of Service (DDoS) Attack?

A distributed denial-of-service (DDoS) attack is a type of cyberattack in which multiple compromised systems are used to target a single system, usually with the goal of overwhelming its resources and making it unavailable to its users. DDoS attacks can…

What VCs See Happening in Cybersecurity in 2023

It has certainly been a rough year for the tech industry. There have been many layoffs, the IPO market has gone mostly dark, and venture funding has decelerated. Despite all this, there is one tech category that has held up…

Building a Ransomware Resilient Architecture

A user calls into the helpdesk reporting that their system is down. Upon investigation, you discover it’s ransomware. Servers are encrypted with “.locked” file extensions on files. Ransom notes are on the desktops. No problem, just restore, right? You have…

How to Stop DDoS Attacks in Three Stages

When under siege from a distributed denial of service (DDoS) attack, systems grind to a halt and often become entirely unresponsive. To stop the attack, defenders must move quickly and navigate three broad stages: Stage I: Block the DDoS Attack:…

Main Targets of Ransomware Attacks & What They Look For

Ransomware has become a potent tool for cyber criminals looking to exploit companies’ sensitive data for profit. Ransomware attacks have affected businesses across all sizes, locations, and industries, from banking and financial services to utilities to education. When trying to…

Top 6 Rootkit Threats and How to Protect Yourself

In the ever-evolving world of malware, rootkits are some of the most dangerous threats out there. A fusion of the words “root” and “kit,” rootkits are essentially software toolboxes. Though not initially developed for malicious purposes, these toolboxes have become…

Russian Infostealer Gangs Steal 50 Million Passwords

Group-IB cybersecurity researchers recently identified several Russian-speaking cybercrime groups offering infostealing malware-as-a-service (MaaS), resulting in the theft of more than 50 million passwords thus far. The cybercrime groups are using Raccoon and Redline malware to steal login credentials for Steam,…

Microsoft Warns of Surge in Token Theft, Bypassing MFA

The Microsoft Detection and Response Team (DART) recently warned that attackers are increasingly using token theft to circumvent multi-factor authentication (MFA). “By compromising and replaying a token issued to an identity that has already completed multifactor authentication, the threat actor…

Sample Patch Management Policy Template

[How to use this template:] [Comments intended to guide understanding and use of this template will be enclosed in brackets “[…]” and the ‘company’ will be listed as [eSecurity Planet] throughout the document. When converting this template to a working…

Vulnerability Patching: How to Prioritize and Apply Patches

Every IT environment and cybersecurity strategy has vulnerabilities. To avoid damage or loss, organizations need to find and eliminate those vulnerabilities before attackers can exploit them. Some of those vulnerabilities will be found and fixed by vendors, who will provide…

Patch Management Policy: Steps, Benefits and a Free Template

Patching and updating devices can be a hassle and can cause business disruption. Yet, unpatched vulnerabilities provide attackers with open opportunities to cause great damage – with studies showing unpatched vulnerabilities estimated to account for 30-60% of all breaches! A…

MITRE ResilienCyCon: You Will Be Breached So Be Ready

Speakers at last week’s MITRE ResilienCyCon conference had a surprisingly candid message for attendees: You will likely be breached at some point so focus on the controls and response capabilities your organization needs to survive a cyber attack. The conference’s…

AI in Cybersecurity: How It Works

There’s a never-ending battle going on between cyber defenders and attackers, and this plays out with security products too: As soon as a security vendor develops a way to mitigate the latest threat, attackers are busy finding a way around…

GitHub Adds New Security Features for Open Source Community

GitHub has announced new features that could improve both developers’ experience and supply chain security. The “private vulnerability” reports announced at GitHub Universe 2022 will allow open-source maintainers to receive private issues from the community. Maintainers will be able to…

What is Patch Management?

Patches are lines of code that influence the behavior of an application, operating system, or platform. They are often released to correct errors in code, optimize current features, or add new features to software. Patch management is the consistent and…

ProxyNotShell Finally Gets Patched by Microsoft

Microsoft’s November 2022 Patch Tuesday includes fixes for more than 60 vulnerabilities affecting almost 40 different products, features and roles – including patches for CVE-2022-41040 and CVE-2022-41082, the ProxyNotShell flaws disclosed last month. “It took Microsoft more than two months…

MSSPs Fare Well in First MITRE Evaluations

If MITRE Engenuity’s new MSSP evaluations are any indication, managed security service providers are a little like children from Lake Wobegon: They’re all above average. Of the 15 MSSPs that participated in MITRE’s first-ever security services testing, only three failed…

How to Stop DDoS Attacks

The best way to stop a distributed denial of service (DDoS) attack will always be to be prepared for one in advance. Rushing to find solutions while dealing with an active attack makes everything so much harder. However, prepared or…

Top 6 Rootkit Threats and How to Protect Yourself

In the ever-evolving world of malware, rootkits are some of the most dangerous threats out there. Once installed, a rootkit provides a hacker with numerous tools and options with which to wreak havoc on a system and network, often while…

9 Best DDoS Protection Service Providers for 2023

Distributed denial of service (DDoS) attacks can cripple an organization, a network, or even an entire country, and they show no sign of slowing down. While there are some things security teams can do to prepare for DDoS attacks and…

How to Prevent DDoS Attacks: 5 Steps for DDoS Prevention

Distributed denial of service (DDoS) attacks seek to cripple a corporate resource such as applications, web sites, servers, and routers, which can quickly lead to steep losses for victims. However, DDoS attackers sometimes even target the specific computers (or routers)…

The History of Computer Viruses & Malware

If you’ve used a computer for more than 5 minutes, you probably know a thing or two about computer viruses and malware. On the modern Internet, malware is a near-constant presence. Whether it’s infected emails stealing employee access credentials or…

Main Targets of Ransomware Attacks & What They Look For

Cyber crime seems to evolve and innovate as much as the tech industry it seeks to exploit. In recent times, ransomware has become an especially potent tool of cyber criminals looking to exploit companies’ sensitive data for profit. Recent innovations…

How to Recover From a Ransomware Attack

The best way to recover from a ransomware attack is to execute a carefully practiced incident response plan. So easy to say, so difficult to do correctly. In fact, many organizations have no plan at all. Instead, they not only…

Ransomware Group Bypasses Windows 10 Warnings

A ransomware family targeting individual computer users is using a zero-day Windows bug to infect users, ANALYGENCE senior vulnerability analyst Will Dormann has found. HP Wolf Security researchers recently published a blog post on the Magniber ransomware campaign’s ability to…

Time-Consuming Remediation: Assessing the Impact of Text4Shell

Security researcher Alvaro Muñoz recently warned of a critical vulnerability in versions 1.5 through 1.9 of Apache Commons Text. The flaw, dubbed “Text4Shell” and identified as CVE-2022-42889, can enable remote code execution via the StringSubstitutor API. In response, version 1.10…

Penetration Testing Phases & Steps Explained

Organizations use penetration testing to strengthen their security. During these tests, simulated attacks are executed to identify gaps and vulnerabilities in the IT environment. But before hiring penetration testers or starting a pentesting program, any organization should be aware of…

Top Container Security Solutions for 2022

Containers are everywhere. Despite application containers being around for only a few years, they have already become an important building block of modern application development. But their popularity has made them a target for hackers, making container security an important area to…