A naukri.com initiative
Info. Security News News
Huntonprivacyblog
2h
237
UK ICO and Ofcom Joint Statement on Regulation of Online Services
- The UK Information Commissioner’s Office (ICO) and Ofcom issued a joint statement on the regulation of online services.
- The statement outlines areas of collaboration between the ICO and Ofcom.
- They will identify and monitor common issues related to online safety and data protection.
- They will evaluate the effectiveness of their methods and look for opportunities to improve.
Read Full Article
14 Likes
Securityaffairs
5h
138
Image Credit: Securityaffairs
Cuttlefish malware targets enterprise-grade SOHO routers
- A new malware named Cuttlefish targets enterprise-grade and small office/home office (SOHO) routers to harvest public cloud authentication data.
- Cuttlefish creates a proxy or VPN tunnel on the compromised router to exfiltrate data and uses stolen credentials to access targeted resources.
- The malware steals authentication data from web requests passing through the router, performs DNS and HTTP hijacking, and can interact with other devices on the network.
- Cuttlefish has been active since at least July 2023, primarily targeting public cloud-based services and storing stolen data in logs.
Read Full Article
8 Likes
Cybertalk
7h
146
Image Credit: Cybertalk
AI, CVEs and Swiss cheese
- Artificial intelligence (AI) is a hot topic in the cyber security industry, with its potential to revolutionize how we interact with technology.
- However, AI can also be used by hackers for nefarious purposes, such as conducting reconnaissance on potential targets.
- With over 200,000 known Common Vulnerabilities and Exposures (CVEs), companies should consider the security track record of vendors and products they choose.
- To mitigate risks, organizations should aim to deploy a comprehensive, consolidated, and collaborative security platform.
Read Full Article
8 Likes
Securityaffairs
7h
267
Image Credit: Securityaffairs
A flaw in the R programming language could allow code execution
- A flaw in the R programming language enables the execution of arbitrary code when parsing specially crafted RDS and RDX files.
- The vulnerability, tracked as CVE-2024-27322 (CVSS v3: 8.8), allows arbitrary code execution upon deserializing RDS or RDX files.
- The flaw was reported by researchers at HiddenLayer and involves the use of promise objects and lazy evaluation in R.
- Attackers can exploit this vulnerability by distributing malware-laced packages or tricking victims into executing malicious files.
Read Full Article
16 Likes
Medium
9h
298
Image Credit: Medium
Network and Information Security 2
- NIS2 (Network and Information Security) is the successor to the NIS1 directive introduced in 2016 by the European Union.
- The NIS2 directive aims to increase protection and resilience against cyber threats for companies and organizations in EU countries, enhance self-protection against cyber threats, and raise awareness and response capabilities for cybersecurity crises.
- It covers areas such as risk analysis, incident management, business continuity, supply chain security, network and information system security, cyber risk management, cyber hygiene practices, cryptography usage, human resources security, and authentication solutions.
- The NIS2 directive was published in the Official Journal of the EU on December 27, 2022, and will come into effect on October 18, 2024, with a transition period of 6 to 18 months.
Read Full Article
17 Likes
Hackersking
11h
233
Image Credit: Hackersking
Ominis OSINT For Secure Web-Search Like Dorking
- Ominis OSINT is a powerful Python script for information gathering using advanced Dorking techniques.
- The script utilizes Google searches to extract relevant information such as titles, URLs, and mentions of user-inputted queries.
- To use Ominis OSINT, you need to clone the repository, install the required dependencies, and run the script on the Linux terminal.
- Consider saving bookmarks and enrolling in a real-world hacking course for more in-depth knowledge.
Read Full Article
14 Likes
Securityaffairs
15h
314
Image Credit: Securityaffairs
Muddling Meerkat, a mysterious DNS Operation involving China’s Great Firewall
- China-linked threat actors known as Muddling Meerkat have been using sophisticated DNS activities since 2019.
- They manipulate DNS through fake MX records and have the ability to control China's Great Firewall.
- The motive behind these attacks is still unknown.
- Infoblox researchers have provided indicators of compromise to counter these activities.
Read Full Article
18 Likes
Gbhackers
15h
40
Millions of Malicious “Imageless” Docker Hub Repositories Drop Malware
- Nearly 20% of Docker Hub repositories have been identified as conduits for malware and phishing scams.
- Attackers have created almost three million malicious repositories on Docker Hub over the span of three years.
- These malicious entities leveraged Docker Hub's trusted platform to distribute phishing and malware schemes.
- JFrog's security research team collaborated with Docker to identify and remove the malicious repositories.
Read Full Article
2 Likes
Gbhackers
17h
361
Attackers Leverage Sidecar Container Injection Technique To Stay Stealthy
- Cybersecurity researchers have discovered that threat actors can leverage the Sidecar Container injection technique to remain stealthy in Kubernetes environments.
- Sidecar containers run alongside the main application container in the same pod and enhance its capabilities.
- The Sidecar Container injection technique allows attackers to inject a malicious sidecar container into a valid pod, enabling unauthorized code execution and hiding operations.
- Mitigations and recommendations provided by researchers include adhering to the least-privilege principle, restricting over permissive containers, and gating images deployed to Kubernetes clusters.
Read Full Article
21 Likes
Gbhackers
19h
281
How to Utilize Azure Logs to Identify Threats: Insights From Microsoft
- Microsoft's Azure platform offers robust logging and monitoring tools.
- Azure Logs can be utilized to identify and counteract threat actor actions.
- Azure Log Analytics plays a pivotal role in investigating security incidents.
- Effective utilization of Azure Logs strengthens cloud environment security.
Read Full Article
16 Likes
Medium
1d
15
Bsides Seattle 2024
- The Fault in Our Metrics: Rethinking How We Measure Detection & Response: A talk on measuring the business value of alerts for IT Operations.
- The Winds of Change — The Evolution of Octo Tempest: A presentation on telecommunication hacks and the importance of mobile phone security.
- Incident Response on the AI Frontier: A high-level talk on the implications of AI advancements in incident response.
- BSides Seattle Experience: Positive feedback on the event's organization, affordable price, quality workshops, and talks.
Read Full Article
Like
Cybertalk
1d
71
Image Credit: Cybertalk
How AI can benefit zero trust
- AI can enhance zero trust initiatives by providing adaptive access controls.
- AI-powered zero trust access controls can customize permissions based on user evaluations.
- AI can improve privileged access management and enforce strict controls.
- AI-based tools enable faster detection and response to potential security breaches in zero trust architecture.
Read Full Article
4 Likes
Huntonprivacyblog
1d
98
HHS Extends Protections for Reproductive Privacy Under HIPAA
- The U.S. Department of Health and Human Services extends protections for reproductive privacy under HIPAA.
- The final rule strengthens privacy protections for reproductive health care-related protected health information (PHI).
- It limits the use or disclosure of PHI for non-health care purposes that could harm individual privacy or trust in health care providers.
- The rule includes requirements for obtaining signed attestations for requests related to reproductive health care.
Read Full Article
5 Likes
Qualys
1d
332
Image Credit: Qualys
CrushFTP Zero-Day Exploitation Due to CVE-2024-4040
- CrushFTP disclosed a zero-day vulnerability in their software (CVE-2024-4040) that allows remote attackers to bypass VFS sandbox and access files without authentication.
- The vulnerability was exploited for unauthenticated remote code execution and reading sensitive files.
- CISA added the vulnerability to the KEV Catalog on April 24, 2024.
- Customers are advised to upgrade to v11.1.0, v10.7.1, or a later version to fix the vulnerability.
Read Full Article
20 Likes
Securityaffairs
1d
242
Image Credit: Securityaffairs
CISA guidelines to protect critical infrastructure against AI-based threats
- The US government’s cybersecurity agency CISA published guidelines to protect critical infrastructure against AI-based attacks.
- CISA collaborated with Sector Risk Management Agencies to assess AI risks and categorized them into attacks using AI, attacks targeting AI systems, and failures in AI design and implementation.
- The guidelines integrate the AI Risk Management Framework into enterprise risk management programs, focusing on the Govern, Map, Measure, and Manage functions.
- CISA emphasizes that critical infrastructure operators should consider sector-specific factors and align AI safety and security priorities with their organizational principles.
Read Full Article
14 Likes
For uninterrupted reading, download the app