Connected Cars sind heute oft Standard und finden sich dementsprechend häufig auch in den Fuhrparks von Unternehmen wieder. Neben praktischem Nutzen und Komfort könnten sich dadurch aber auch neue Einfallstore für Cyber-Kriminelle ergeben. Das Auto als Angriffsvektor – wie realistisch…
Gh0st RAT Trojan Targets Chinese Windows Users via Fake Chrome Site
The remote access trojan known as Gh0st RAT has been observed being delivered by an “evasive dropper” called Gh0stGambit as part of a drive-by download scheme targeting Chinese-speaking Windows users. These infections stem from a fake website (“chrome-web[.]com”) serving malicious…
Google’s Password Bug Hits Millions: Cybersecurity Today for Monday, July 29, 2024
Google’s Password Bug Hits Millions & French Police Battle Malware – Cybersecurity Today In this episode of Cybersecurity Today, Jim Love covers Google’s recent apology after a bug caused the passwords of 15 million Chrome users to vanish. The episode…
Partnerangebot: Harmony STS GmbH – „Vorfall Praktiker Schulung“
Im Partnerbeitrag der Harmony STS GmbH werden Teilnehmende zum BSI Vorfall-Praktiker ausgebildet. Dieser Artikel wurde indexiert von Aktuelle Meldungen der Allianz für Cyber-Sicherheit Lesen Sie den originalen Artikel: Partnerangebot: Harmony STS GmbH – „Vorfall Praktiker Schulung“
How Software Updates Can Lead to Cyber Attacks
In the world of cybersecurity, software updates are a double-edged sword. On one hand, they are crucial for patching vulnerabilities, enhancing features, and improving overall system performance. On the other hand, if not managed properly, software updates can inadvertently create…
Belarus-linked APT Ghostwriter targeted Ukraine with PicassoLoader malware
Belarus-linked APT group GhostWriter targeted Ukrainian organizations with a malware family known as PicassoLoader, used to deliver various malicious payloads. The Ukrainian Government’s Computer Emergency Response Team (CERT-UA) reported a surge in activity associated with the APT group UAC-0057 (aka…
Fake Falcon crash reporter installer used to target German Crowdstrike users
CrowdStrike warns about a new threat actor targeting German customers by exploiting a recent issue with Falcon Sensor updates. On July 24, 2024, CrowdStrike experts identified a spear-phishing campaign targeting German customers by exploiting the recent issue with Falcon Sensor…
China ponders creating a national ‘cyberspace ID’
Because clearly it’s better for Beijing to know who you are than for every ISP and social service to keep its own records Beijing may soon issue “cyberspace IDs” to its citizens, after floating a proposal for the scheme last…
CVSS 9.8 Sicherheitslücke in Cisco Secure Email Gateway
Geht auf dem Cisco Secure Email Gateway (SEG) eine E-Mail mit bestimmten Schadcode ein, kann das ganze System kompromittiert werden. Das komplette Betriebssystem des SEG kann dabei beeinträchtigt werden. Dieser Artikel wurde indexiert von Security-Insider | News | RSS-Feed Lesen…
Microsoft CrowdStrike Software Update leading to Phishing Attacks
A couple weeks ago, an IT outage hit Microsoft Windows 10 and 11 servers shortly after CrowdStrike released a Falcon Sensors software update. Rather than resolving, the update transformed into a software bug , affecting over 8.2 million PCs and…
Enhancing threat detection for GenAI workloads with cloud attack emulation
Cloud GenAI workloads inherit pre-existing cloud security challenges, and security teams must proactively evolve innovative security countermeasures, including threat detection mechanisms. Traditional cloud threat detection Threat detection systems are designed to allow early detection of potential security breaches; usually, these…
Cirrus: Open-source Google Cloud forensic collection
Cirrus is an open-source Python-based tool designed to streamline Google Cloud forensic evidence collection. It can streamline environment access and evidence collection in investigations involving Google Workspace and GCP. The tool simplifies incident response activities and enhances an organization’s security…
The cost of cybersecurity burnout: Impact on performance and well-being
This article includes excerpts from recent reports we covered, providing statistics and insights into the levels of stress and burnout experienced by cybersecurity professionals. Most cybersecurity pros took time off due to mental health issues Hack The Box | Building…
Why a strong patch management strategy is essential for reducing business risk
In this Help Net Security interview, Eran Livne, Senior Director of Product Management, Endpoint Remediation at Qualys and Thomas Scheffler, Security Operations Manager of Cintas Corporation, discuss their experiences with automated patch management. Scheffler details how Cintas transitioned from manual…
The gap between business confidence and cyber resiliency
In this Help Net Security video, Jim Liddle, Nasuni’s Chief Innovation Officer, discusses the findings of its new 2024 industry research report, The Era of Hybrid Cloud Storage. Key takeaways: Cloud strategies are at the forefront of enterprise success. Enterprises…
Whitepaper: DevSecOps Blueprint
In the DevSecOps Blueprint whitepaper, GitGuardian outlines a robust foundation for building an automated and technology-driven DevSecOps Program that addresses every aspect of the SDLC. Learn how your organization can embed security at every layer: the tools and technologies, the…
ISC Stormcast For Monday, July 29th, 2024 https://isc.sans.edu/podcastdetail/9072, (Mon, Jul 29th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Monday, July 29th, 2024…
Secure Boot useless on hundreds of PCs from major vendors after key leak
Plus: More stalkerware exposure; a $16M TracFone fine; Ransomware victims don’t use MFA, and more Infosec in brief Protecting computers’ BIOS and the boot process is essential for modern security – but knowing it’s important isn’t the same as actually…

Quickie: Password Cracking & Energy, (Sun, Jul 28th)
When Johannes talked about my diary entry “Protected OOXML Spreadsheets” on his StormCast podcast, he mentioned that I privately shared data on the power consumption of my desktop with a NVIDIA GeForce RTX 3080 GPU when running Hashcat. This article…
CrowdStrike Outage Themed Maldoc, (Mon, Jul 29th)
I found a malicious Word document with VBA code using the CrowdStrike outage for social engineering purposes. It's an .ASD file (AutoRecover file). My tool oledump.py can analyze it: This article has been indexed from SANS Internet Storm Center, InfoCON:…
Quickie: Password Cracking & Energy, (Sun, Jul 28th)
When Johannes talked about my diary entry “Protected OOXML Spreadsheets” on his StormCast podcast, he mentioned that I privately shared data on the power consumption of my desktop with a NVIDIA GeForce RTX 3080 GPU when running Hashcat. This article…
French authorities launch disinfection operation to eradicate PlugX malware from infected hosts
French authorities and Europol are conducting a “disinfection operation” targeting hosts compromised by the PlugX malware. The French authorities, with the help of Europol, have launched on July 18, 2024, a “disinfection operation” to clean hosts infected with the PlugX…
USENIX Security ’23 – Bilingual Problems: Studying the Security Risks Incurred by Native Extensions in Scripting Languages
Authors/Presenters:Cristian-Alexandru Staicu, Sazzadur Rahaman, Ágnes Kiss, Michael Backes Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott; and…
KnowBe4 Avoids Data Breach After Hiring North Korean Hacker
American cybersecurity firm KnowBe4 recently discovered that a new hire, brought on as a Principal Software Engineer, was actually a North Korean state actor. This individual attempted to install data-stealing malware on the company’s devices, but the threat was…