All the latest news on Cybersecurity
Backstory Of The World’s Second CISO
This week in cybersecurity from the editors at Cybercrime Magazine – Listen to the Cybercrime Magazine Podcast Interview

Sausalito, Calif. – May 8, 2024

The chief information security officer (CISO) role dates back to 1994, when financial services giant Citigroup (then Citicorp, ranked 17th on the

The post Backstory Of The World’s Second CISO appeared first on Cybercrime Magazine.
Source: Cybersecurity Research
Social Engineering Attacks: One of the Biggest and Quietest Threats to Your Business
While hackers don't differentiate between the size of their victims, certain attacks, like social engineering attacks, are most common in SMBs and SMEs. This blog specifically addresses the unique challenges and threats you may face as a small and medium-sized business or enterprise (SMB/SME) owner. Not for nothing are social engineering attacks termed unseen perils and silent threats to your small business and enterprise.

Social Engineering Attacks: The Stats and The Reports

Picture this:
📌 Per the report by Barracuda, small businesses witness 350% more social engineering attacks than larger enterprises.
📌 More than 30% of small businesses in the US have weak points that threat actors can exploit.
📌 Per the recent Verizon Data Breach Investigation Report, social engineering attacks, system intrusion, and privilege misuse incidents account for 92% of breaches in small businesses.

To understand how this affects you, it is essential to understand what a social engineering attack is and how it impacts your small business.

What Is Social Engineering?

As Cisco puts it, social engineering is not a cyberattack at its heart. It is the art of persuasion and human psychology. The modus operandi here is to target the minds of the victims, as conmen do, and gain their trust. With the victims' trust gained, the attackers go in for the kill by encouraging them to
📍 Divulge personal information
📍 Click on malicious web links
📍 Open malware-infected attachments

So, what is Social Engineering? Let's look at the definition.

Social Engineering: The Definition

Any manipulation technique that exploits human errors to gain personal information, access, or valuables is a social engineering attack. In technical terms, social engineering is the psychological manipulation of people into divulging confidential information or performing unsafe actions. In layman's terms, social engineering is an assault on your emotions and feelings to extract sensitive and personal information for malicious purposes.
In the world of cybercrime, scams related to human hacking are on the rise. These scams target unsuspecting users, playing tricks with their minds and luring them into revealing sensitive data and confidential information. Social engineering attacks can happen
👉 Online
👉 In-person
👉 Other interactions

How Does Social Engineering Work?

Essentially, social engineering works on your cognitive biases: a threat actor impersonates either an authoritative person or a trustworthy individual and cons you into trusting them. It works in four steps.

Preparation
This is where a threat actor collects information about your business, and this may include your business emails, messaging apps, and other sensitive information related to your business.

Infiltration
This is where a bad actor will approach you or your employees. They usually imitate a reliable resource and use the previously gathered information to validate themselves.

Exploitation
Here, a threat actor will use persuasion tricks to obtain more sensitive information from your employees or even you. The threat actor plays on the human mind and tricks you into revealing some sensitive information.

Disengagement
Once an attacker has the information they sought, they will cut off all ties with you, deploy malware in your office network, and disappear into thin air.

Why are SMBs and SMEs Prime Targets?

Whether you have a small business or a small enterprise, you are at risk of social engineering attacks. Here are the prime reasons threat actors love your small business or your small enterprise.
📍 Lack of resources is one of the primary reasons threat actors target your small business or small enterprise.
📍 The trusting culture of SMBs/SMEs is an important reason for threat actors to love small businesses and enterprises.
📍 Your overworked and overburdened employees who juggle multiple responsibilities are the prime targets of threat actors.

So, how do you counter these attacks on your business?
Top Ways To Protect Your Small Business From Social Engineering

Social engineering attacks can be devastating for your small business, and your business may suffer:
📍 Significant financial losses
📍 Downtime
📍 Reputational damage
📍 Loss of stakeholders' and customers' trust

You can counter social engineering attacks on your small business with these methods.
📌 Train your employees to recognize
    📍 Phishing emails
    📍 Suspicious phone calls
    📍 Unsolicited requests for sensitive data
📌 Verify each email for sender addresses and the legitimacy of the data requests.
📌 Deploy two-factor authentication or multi-factor authentication on all your accounts for better security.
📌 Data encryption is your ally; embrace it with both hands. Encrypt your data at rest and in transit.

When you follow these steps, you can ensure that your small business is protected from social engineering attacks. While you are at it, here are some common scams to watch out for.

Common Scams to Watch Out For

While practicing the four ways you can mitigate the threat of social engineering attacks, keeping an eye on some of the most common scams prevalent is essential.
📌 Phishing
📌 Tech Support Scams
📌 Pretexting
📌 Baiting
📌 Malware
📌 CEO Fraud

Each of these is a scam in its own right, but they can also be deployed as part of sophisticated social engineering attacks. The best method to prevent social engineering attacks is to create awareness about the various tactics used by threat actors.

Final Words

Social engineering is becoming dangerous because attacks have become sophisticated with tech evolution. Threat actors indulging in social engineering are master con artists who know how to trick you into revealing sensitive information by invoking extreme emotions in you and your employees. So, the best way to protect your small business from social engineering is to educate your employees.
Source: Hacker Noon
Hackers Using Weaponized Shortcut Files To Deploy CHM Malware
Hackers exploit weaponized shortcut files because they can execute malicious code without the targeted user's knowledge. Shortcut files are well known and widely used, which makes them a good platform for deploying malware. The use of these harmless shortcuts is one of the best ways for hackers to […] The post Hackers Using Weaponized Shortcut Files To Deploy CHM Malware appeared first on Cyber Security News.
Source: Latest Hacker and Security News
MorLock Ransomware Attacking Organizations to Steal Business Data
A new group known as MorLock ransomware has intensified its attacks on Russian businesses, causing disruptions and financial losses. This group, first identified at the beginning of 2024, has already compromised nine medium to large Russian companies.

The Rise of MorLock

MorLock has quickly become one of the most active cyber gangs targeting Russian entities. […] The post MorLock Ransomware Attacking Organizations to Steal Business Data appeared first on Cyber Security News.
Source: Latest Hacker and Security News
Demystifying DePINs and More: Bridging Real-World Infrastructure
What are DePINs?

Decentralized Physical Infrastructure Networks (DePINs) are real-world infrastructures on-chain. In more depth, DePINs offer a community-driven, cost-effective means of scaling projects without relying on traditional, centralized models. They are platforms where organizations and individuals can benefit from higher levels of control over their data and products through decentralized infrastructure.

As for the term "DePIN," this gained prominence in 2023 and continues to grow in mention into 2024. Initially, Web3 was used to reference projects focused on networks (replicating Web2 internet networks, but decentralized) but has since expanded to include all crypto or blockchain work, resulting in the need for this specific terminology.

DePIN 101

On a fundamental level, DePINs function as bridges between physical facilities and the blockchain ecosystem. They operate through three main components. These are physical infrastructure controlled by a provider, a middleware connection to the blockchain, and a public ledger. These connections are managed by record-keeping and offering remittances to both the provider and the user.

The physical infrastructure could be a smart agriculture system where farmers use IoT (Internet of Things) devices such as soil moisture sensors, weather stations, and crop health monitors to gather data about their fields. The middleware would then relay this information to the blockchain. Then, based on the data provided by the middleware, the blockchain would distribute rewards to the provider and users in the form of tokens.

Additionally, for DePINs to operate effectively, four distinct parties must be involved in the network.
This includes:
* Hardware (PRNs & DRNs): a physical component connecting networks to the real world
* Hardware operators (Providers): Contributors buying or lending their hardware to the given network
* Token: A financial incentive paid out to hardware operators based on data provided by the middleware
* Users: DePINs need users who are willing to use and pay for the service

The Current DePIN Landscape

DePIN projects operate in six core business niches: compute marketplaces, wireless coverage, wholesale data, services marketplaces, energy services, and vertical ad networks. At present, there are several existing projects emerging in all six of these business models, including Filecoin, Helium, Hivemapper, Braintrust, Entheos and Sweatcoin. Out of these six sectors, compute marketplaces are where the most potential is seen, making up the majority of the market capitalization of DePIN crypto projects.

Unpacking a DePIN example

As we can see from the current DePIN landscape, there are many sectors in which DePINs currently operate. One real-world example that makes sense, at its core, is a decentralized energy grid. The basis for this is that traditional energy grids are often centralized, owned, and operated by utility companies, which can lead to inefficiencies and a lack of flexibility in distribution.

Contrastingly, a decentralized energy grid built on blockchain technology could enable peer-to-peer energy trading between consumers and producers. Imagine a scenario where homeowners could sell excess energy to neighbors from their solar panels. This would facilitate more efficient use of renewable energy resources and incentivize individuals and communities to invest in sustainable energy production. By leveraging blockchain and smart contracts, this DePIN could ensure transparent and secure transactions while empowering users to have more control over their energy usage and production.
The Flywheel Effect

The concept of the flywheel effect is crucial to understanding DePINs' potential for network growth and scalability. Unlike traditional models that require massive upfront capital investments, DePINs rely on grassroots efforts and community-driven initiatives to scale.

Tokens play their part in these ecosystems by serving as an incentive for the community to contribute to the maintenance of the network. The Flywheel (above) visualizes the different steps involved in this maintenance and also helps to explain how DePIN projects can utilize the flywheel effect to catalyze their network growth.

There are several different ways projects can increase the value of their token. For example, a stake-weighted random selection algorithm can be utilized to increase the value of a token, as providers must stake the project's token to get user deal flow. This gives contributors a further incentive to continue building out the network. Therefore, the native token will increase in price as the network grows, resulting in more rewards for providers and a higher attraction for investors to invest. Fundamentally, this flywheel creates infrastructure networks that get stronger as they get bigger.

As explained above, the flywheel effect of DePINs offers an alternative approach to traditional business models that fundamentally makes sense. However, we must consider the obstacles DePINs face in their journey to realizing their potential.

The Future of DePINs

By leveraging blockchain technology and tokenomics (The Flywheel Effect), DePINs are expected to disrupt existing IoT business models and enable on-chain communities to build innovative decentralized networks and applications. However, some limitations are currently holding DePINs back. There are several architectural considerations for scaling DePIN applications on-chain that need to be addressed if DePINs are going to be the bridge between decentralized technology and the real world.
The most significant challenges to overcome are scalability, interoperability, security, and usability issues. The on-chain infrastructure needs to be able to handle a high volume of transactions and data throughput effectively to support the requirements of decentralized physical networks. To then communicate and exchange this data effectively, seamless interoperability with other blockchain networks and traditional systems is required.

Robust security mechanisms, including encryption and authentication, are vital to safeguarding sensitive information and ensuring the integrity of DePIN networks. On top of this, DePINs must have systems in place, ensuring the security of external data feeds (oracles) used to verify real-world information and the prevention of Sybil attacks, where malicious actors create fake identities to gain undue influence within the network.

A final consideration is that specialized technical knowledge is currently required to participate in a DePIN ecosystem. A more usable interface and intuitive design will be required for further adoption.

The future of DePINs relies heavily on collaboration among stakeholders and ongoing technological innovation to address these challenges and unlock their full potential.
Source: Hacker Noon
SUSE: 2024:1556-1 important: python311 Security Advisory Updates
* bsc#1189495 * bsc#1211301 * bsc#1219559 * bsc#1219666 * bsc#1221260
Source: LinuxSecurity.com
SUSE: 2024:1557-1 moderate: rpm Security Advisory Updates
* bsc#1189495 * bsc#1191175 * bsc#1218686 Cross-References:
Source: LinuxSecurity.com
Ioctlance - A Tool That Is Used To Hunt Vulnerabilities In X64 WDM Drivers
Description

Presented at CODE BLUE 2023, this project titled Enhanced Vulnerability Hunting in WDM Drivers with Symbolic Execution and Taint Analysis introduces IOCTLance, a tool that enhances its capacity to detect various vulnerability types in Windows Driver Model (WDM) drivers. In a comprehensive evaluation involving 104 known vulnerable WDM drivers and 328 unknown ones, IOCTLance successfully unveiled 117 previously unidentified vulnerabilities within 26 distinct drivers. As a result, 41 CVEs were reported, encompassing 25 cases of denial of service, 5 instances of insufficient access control, and 11 examples of elevation of privilege.

Features

Target Vulnerability Types
* map physical memory
* controllable process handle
* buffer overflow
* null pointer dereference
* read/write controllable address
* arbitrary shellcode execution
* arbitrary wrmsr
* arbitrary out
* dangerous file operation

Optional Customizations
* length limit
* loop bound
* total timeout
* IoControlCode timeout
* recursion
* symbolize data section

Build

Docker (Recommended)

    docker build .

Local

    dpkg --add-architecture i386
    apt-get update
    apt-get install git build-essential python3 python3-pip python3-dev htop vim sudo openjdk-8-jdk zlib1g:i386 libtinfo5:i386 libstdc++6:i386 libgcc1:i386 libc6:i386 libssl-dev nasm binutils-multiarch qtdeclarative5-dev libpixman-1-dev libglib2.0-dev debian-archive-keyring debootstrap libtool libreadline-dev cmake libffi-dev libxslt1-dev libxml2-dev
    pip install angr==9.2.18 ipython==8.5.0 ipdb==0.13.9

Analysis

    # python3 analysis/ioctlance.py -h
    usage: ioctlance.py [-h] [-i IOCTLCODE] [-T TOTAL_TIMEOUT] [-t TIMEOUT] [-l LENGTH] [-b BOUND]
                        [-g GLOBAL_VAR] [-a ADDRESS] [-e EXCLUDE] [-o] [-r] [-c] [-d]
                        path

    positional arguments:
      path                  dir (including subdirectory) or file path to the driver(s) to analyze

    optional arguments:
      -h, --help            show this help message and exit
      -i IOCTLCODE, --ioctlcode IOCTLCODE
                            analyze specified IoControlCode (e.g. 22201c)
      -T TOTAL_TIMEOUT, --total_timeout TOTAL_TIMEOUT
                            total timeout for the whole symbolic execution (default 1200, 0 to unlimited)
      -t TIMEOUT, --timeout TIMEOUT
                            timeout for analyze each IoControlCode (default 40, 0 to unlimited)
      -l LENGTH, --length LENGTH
                            the limit of number of instructions for technique LengthLimiter (default 0, 0 to unlimited)
      -b BOUND, --bound BOUND
                            the bound for technique LoopSeer (default 0, 0 to unlimited)
      -g GLOBAL_VAR, --global_var GLOBAL_VAR
                            symbolize how many bytes in .data section (default 0 hex)
      -a ADDRESS, --address ADDRESS
                            address of ioctl handler to directly start hunting with blank state (e.g. 140005c20)
      -e EXCLUDE, --exclude EXCLUDE
                            exclude function address split with , (e.g. 140005c20,140006c20)
      -o, --overwrite       overwrite x.sys.json if x.sys has been analyzed (default False)
      -r, --recursion       do not kill state if detecting recursion (default False)
      -c, --complete        get complete base state (default False)
      -d, --debug           print debug info while analyzing (default False)

Evaluation

    # python3 evaluation/statistics.py -h
    usage: statistics.py [-h] [-w] path

    positional arguments:
      path        target dir or file path

    optional arguments:
      -h, --help  show this help message and exit
      -w, --wdm   copy the wdm drivers into <path>/wdm

Test

Compile the testing examples in test to generate testing driver files. Run IOCTLance against the driver files.

Reference
* ucsb-seclab/popkorn-artifact
* eclypsium/Screwed-Drivers
* koutto/ioctlbf
* Living Off The Land Drivers
Source: KitPloit
Mastering the Art of Software Development: From Developer to Craftsperson
In this blog article, we'll explore the principles of software craftsmanship, the benefits of becoming a software craftsperson, and how we can improve our skills. We'll look at a growth mindset and some resources to help us on our journey. Let's dive in!

Witnessing Craftsmanship

Let's say we enter a home and face this beautifully crafted staircase. Why do we even think this is beautiful? What comes to mind is the skill and work that has gone into it. The craftsperson has had to think about how to ensure that it's only connected at the top and the bottom, it can support the weight and doesn't fall under its weight, or when there are people on it, climbing up and down. There is also the craftsmanship of the handrail and the curved wall.

Why does this craftsmanship strike us or cause us to take notice? Is it because we can see the care taken in creating the stairs? Or maybe we can see that a lot of skill went into it? Or perhaps it's because the knowledge of physics has been used to make it appear that it defies gravity?

What Is Craftsmanship?

From Collins dictionary, we can see the definition is: Craftsmanship is the quality that something has when it is beautiful and has been very carefully made.

What Is Software Craftsmanship?

The Manifesto for Software Craftsmanship describes it as follows:

Not only working software, but also well-crafted software.
Not only responding to change, but also steadily adding value.
Not only individuals and interactions, but also a community of professionals.
Not only customer collaboration, but also productive partnerships.

If we simplify it, a software craftsperson cares about all aspects of their work.

What Separates a Software Developer From a Software Craftsperson?

While software developers are primarily concerned with the code they write, software craftspeople take a broader approach. They manage the code, its maintainability, deployability, and application monitoring.
This results in robust applications that meet user needs and bring joy to users. Software craftspeople continually hone their skills to create better applications that perform well in production without constant supervision. Quality applications are made through thorough testing and proactive monitoring that alerts the team to potential issues.

Why Choose to Embark on the Path of a Software Craftsperson?

For anyone who connects with the principles of software craftsmanship — well-crafted software, steadily adding value, being part of a community, and having productive partnerships with their users — the path of software craftsperson is a good fit. It's a journey where we continually learn the craft of building software in an evolving landscape. As software craftspeople, we're not happy just throwing things out the door but instead focusing on quality and stability. We also want to build up a community of people who can create high-quality software so that we all can learn from each other and build on what others are learning.

Why Did I Make the Transition to Software Craftsperson?

Different people have different journeys, motivations, and experiences regarding craftsmanship. Let me tell you my story. I had worked in software development for over ten years when I joined a software craftsmanship dojo. At the start, I didn't understand the impact that the dojo would have. I thought I was only there to learn Test Driven Development (TDD). Previously, I had learned TDD by participating in code retreats. Still, I needed help incorporating the new working method into day-to-day coding outside of fixing defects or working on straightforward features. The dojo allowed me to learn hands-on each week, developing the skills that drive my development through testing. This mindset progressed to the point where I now find it hard to think about developing without using TDD.
The move to software craftsmanship made sense as a path for my career since I had worked on many projects where we were fighting the storm of trying to develop the application, dealing with production issues, and managing our technical debt. This storm led me to burnout and disillusionment in the software developer career. Having an opportunity in the weekly two-hour dojo to learn new skills and have hands-on experience meant that it was two hours that I looked forward to the most in the week. Outside the dojo, I practice a daily coding exercise, use what I learned in my work, and consider new ways of doing things. This practice has led me to develop skills to quickly deploy new, well-tested applications with testing, monitoring, and scanning toolchains, improving my DORA and DASA scores.

Growth Mindset

Moving to become a software craftsperson will mean that we can see that there are ways that we can grow. Rather than seeing our skills as something that can't be changed, we realise we can improve incrementally over time. So, rather than having a fixed mindset where we think our skills limit our growth, we have a growth mindset. Referring to the previous post, building habits and working on getting 1% better is fundamental to creating a growth mindset. This growth mindset doesn't just stop with us; it should also include growing the people around us. Having a growth mindset is vital to building a community of software craftspeople.

Benchmarking Our Skills

To understand where we are with our software craftsmanship skills, we can use the DevOps Agile Skills Association (DASA) DevOps quick scan to know where we are with our skill levels. Then, we can work on improving the areas that need addressing.
The quick scan looks at 12 different areas:
* Business Value Optimisation
* Business Analysis
* Architecture and Design
* Test Specification
* Programming
* Continuous Delivery
* Infrastructure Engineering
* Security, Risk, Compliance
* Courage
* Team Building
* DevOps Leadership
* Continuous Improvement

Each area will receive a score from one (novice) to five (master). The report will help us understand what is required at the next level and how to improve.

Methodology for Developing Quality Cloud Applications

A methodology called the twelve-factor app is used to build software-as-a-service applications that can scale without significant changes to tooling, architecture, or development practices. The created app uses declarative formats for setup automation, has a clean contract with the underlying operating system, and minimizes divergence between development and production. The methodology can be applied to apps in any programming language and can use any combination of backend services. We can build the best software-as-a-service application possible by following the twelve factors.

Getting Started on Our Journey as Software Craftspeople

Understanding more about software craftsmanship can always be helpful. There is a link to further reading on the Manifesto for Software Craftsmanship. There you will see, among others:
* Apprenticeship Patterns: Guidance for the Aspiring Software Craftsman by Dave Hoover and Adewale Oshineye
* Software Craftsmanship by Pete McBreen
* The Pragmatic Programmer by David Thomas and Andrew Hunt

A title missing from that list is:
* The Software Craftsman by Sandro Mancuso

These titles help us further understand software craftsmanship and what we must look at in our journey. We should improve ourselves and those around us to build well-crafted software using the lessons learned.

Conclusion

Changing our identity from a developer to a software craftsperson leads us to build well-crafted applications.
The key to the change is treating it as a journey, and as with any journey, we can take many different routes. We've talked about some of the resources that might be useful, and we can use the resources that entice us and keep us going along the journey. Transforming 1% daily will mean we will have significantly impacted how we work for a year and beyond.

References
* Craftsmanship Definition — https://www.collinsdictionary.com/dictionary/english/craftsmanship
* Manifesto for Software Craftsmanship — https://manifesto.softwarecraftsmanship.org
* DASA Quick Scan — https://scan.devopsagileskills.org
* BriX Software Craftsmanship Dojo — https://swcraftsmanshipdojo.com
* DORA Quick Check — https://dora.dev/quickcheck
* The Twelve-Factor App — https://12factor.net
* Apprenticeship Patterns: Guidance for the Aspiring Software Craftsman by Dave Hoover and Adewale Oshineye — https://www.amazon.com/Apprenticeship-Patterns-Guidance-Aspiring-Craftsman/dp/0596518382/
* Software Craftsmanship by Pete McBreen — https://www.amazon.com/Software-Craftsmanship-Imperative-Pete-McBreen/dp/0201733862
* The Pragmatic Programmer by David Thomas and Andrew Hunt — https://www.amazon.com/Pragmatic-Programmer-journey-mastery-Anniversary/dp/0135957052
* The Software Craftsman by Sandro Mancuso — https://www.amazon.com/Software-Craftsman-Professionalism-Pragmatism-Robert/dp/0134052501

Credits

The title image is from Dreamstudio AI.
Source: Hacker Noon
LiteSpeed Cache WordPress plugin actively exploited in the wild
Threat actors are exploiting a high-severity vulnerability in the LiteSpeed Cache plugin for WordPress to take over websites. WPScan researchers reported that threat actors are exploiting a high-severity vulnerability in the LiteSpeed Cache plugin for WordPress. LiteSpeed Cache for WordPress (LSCWP) is an all-in-one site acceleration plugin, featuring an exclusive server-level cache and a collection […]
Source: Security Affairs
SysWings - Cloud & Managed services
Founded in 2017 to support startups in their IT strategy, in France and abroad, SysWings has extended its activities to the cloud and managed services. The team is made up of heterogeneous profiles, mixing employees and consultants, scaled according to your projects.
University System of Georgia Says 800,000 Students Impacted in MOVEit Hack
The University System of Georgia (USG) announced that the confidential information of approximately 800,000 students, faculty, and staff was exposed in the recent MOVEit data breach. The breach occurred due to a vulnerability in the MOVEit Secure File Transfer software used by USG and hundreds of other organizations to store and transfer sensitive data. In […] The post University System of Georgia Says 800,000 Students Impacted in MOVEit Hack appeared first on Cyber Security News.
Source: Latest Hacker and Security News