Security-Portal.cz is an internet portal focused on computer security, hacking, anonymity, computer networks, programming, encryption, exploits, Linux and BSD systems. It runs many interesting services and supports its fans in interesting projects.


French Diplomatic Entities Targeted in Russian-Linked Cyber Attacks

The Hacker News - 20 June, 2024 - 16:00
State-sponsored actors with ties to Russia have been linked to targeted cyber attacks aimed at French diplomatic entities, the country's information security agency ANSSI said in an advisory. The attacks have been attributed to a cluster tracked by Microsoft under the name Midnight Blizzard (formerly Nobelium), which overlaps with activity tracked as APT29, BlueBravo, Cloaked Ursa, Cozy Bear,
Category: Hacking & Security

The Future of Container Security: Trends and Open Source Tools to Watch

LinuxSecurity.com - 20 June, 2024 - 15:43
Containers are among the many recent inventions of modern computing. They have emerged as the cornerstone of software development and deployment. They isolate applications and their dependencies into a closed environment, enabling efficient and consistent deployment across different infrastructures.

There are plenty of reasons behind the shift to containerization, the key being the widespread adoption of DevOps practices and cloud-native innovations. However, despite the unmatched convenience and efficiency, containers bring various security challenges that traditional security measures can't fully address.

As this new technology proliferates across production environments, securing them should be a priority for all organizations. Unlike traditional devices, containers share the host's OS kernel, which is beneficial but exposes it to potential vulnerabilities. This means businesses should re-evaluate their security strategies throughout the container's lifecycle.

Similarly, the future of container security depends on several emerging innovations. The increasing shift towards Zero Trust models is especially relevant to containerized environments. This model assumes no inherent trust within the network and enforces stringent authentication measures for access.

The shift-left security option, which integrates security practices early in the development lifecycle, is also beneficial. This strategy helps developers detect and mitigate vulnerabilities before production, significantly reducing attack surfaces. Various open-source tools, including Trivy, lead the pack in ensuring these developments. Below is a detailed guide on container security and its future. Read on!

The Current State of Container Security

With the rise of the adoption of containers, there's a need to understand the current state of container security. While containers offer significant benefits, they introduce significant security challenges. It is prudent for organizations and businesses to know some of the existing threats and common attack vectors before adopting them. They include:

Vulnerable code: This is the most important security risk of containerized applications. As mentioned, containers package applications alongside their dependencies. This often includes insecure or outdated libraries that attackers can exploit.
Compromised images: Containers rely on images containing apps and their dependencies. Unfortunately, some may have insecure components that expose the entire network to security risks. A compromised container image serves as a perfect entry point for attackers.
Insecure networking: Containers communicate through internal networks. Poorly secured networks become excellent vectors for attacks. Lack of encryption and insufficient segmentation often lead to data breaches.
Container escape: This severe threat occurs when attackers break out of container isolation and access the host system, compromising the host and other containers running on it.

While these risks are dire, container environments have various built-in security measures that mitigate these vulnerabilities. These features are built on Docker and Kubernetes but have some limitations. For instance, Docker uses namespaces to isolate containers from the host system. This significantly prevents unauthorized access and denial-of-service attacks and reduces the attack surface. However, Docker's default features are slightly insufficient. Simple issues like using untrusted images can bypass its security setup.

Kubernetes also provides perfect built-in security features for container environments. It enhances container security by implementing RBAC, which controls access and empowers network segmentation. Unfortunately, configuring Kubernetes securely often proves challenging. Wrong settings expose containers to vulnerabilities.

However, this doesn't mean containers are entirely insecure. Organizations can leverage various open-source container security tools to address the issues that exceed the capability of built-in security measures. These tools include:

Trivy and Clair for image vulnerability scanning.
Kube-bench and Kubescape for configuration and compliance issues.
Falco and Sysdig for enhanced runtime security.
Cilium and Calico for network security issues.
Open Policy Agent and Kyverno for policy enforcement issues.
Dex and Keycloak for identity verification and access management.
Sealed Secrets and HashiCorp Vault for secrets management. They enhance the security of stored sensitive information.
Grafana Loki and Prometheus for better incident responses.

Collectively, these tools provide targeted solutions that enhance container security in different aspects of the container lifecycle.

Emerging Trends in Container Security

With the expanding use of containerization, the security realm surrounding these environments keeps evolving in response to emerging threats. Below is a breakdown of top trends shaping the future of container security:

Exploitation patterns and attacks targeting containerized environments

Attackers now use sophisticated techniques to exploit vulnerabilities present in these systems. Some of the recent trends in exploitation patterns include:

Supply chain attacks: Malicious persons compromise container images and dependencies, ultimately affecting the supply chain. They can inject malware into private or public repositories.
Lateral movement: Attackers attempt to move laterally to access other containers after successfully accessing a container.
Resource hijacking: Malicious individuals hijack resources for malicious activities. Containers with misconfigured resources are often very vulnerable.

Integrating security into the CI/CD pipeline

This practice is a perfect response to the dynamic nature of container deployments. Also called shift-left security, it focuses on identifying and mitigating vulnerabilities earlier in the container development lifecycle. Various tools, including automated vulnerability scanning and security testing, are integrated into CI/CD workflows before containers reach final production. Automated checks are also conducted to ensure containers have the necessary security structure before deployment.

The use of software bills of materials

Containers heavily rely on third-party components and dependencies. Using an SBOM has become crucial for tracking and managing all components. It provides a detailed inventory of all components in the container image, including frameworks, libraries, and dependencies. Doing this is beneficial in many ways.

For starters, it helps in vulnerability management. Organizations can easily identify and address threats in third-party components. SBOMs also provide vital information during incident response. Knowing the components makes it easy to identify the origin of the compromise.

Adoption of policy as code practices

Policy as Code is a practice of defining security policies enforceable through code. This approach aligns perfectly with shift-left practices, embedding security policies directly into the container development lifecycle. Adoption of these practices helps organizations achieve consistency and automation. Administrators define and automate policies, significantly reducing the risk of misconfiguration and human error. These policies also enhance collaboration between development and security teams.

Adoption of AI and ML

Artificial intelligence and machine learning have transformed container security in the following ways:

Threat prediction: ML models analyze patterns and historical data to predict potential threats. This proactive approach helps anticipate and mitigate vulnerabilities before they materialize.
Behavior analysis: AI-powered tools analyze container patterns to identify anomalies that indicate security threats like resource usage or unexpected connections.
Automated responses: Automated tools provide faster and more accurate responses to arising incidents. Integrating AI with incident response workflows allows organizations to streamline threat mitigation and minimize the impact of breaches.

Adoption of service mesh architectures

Organizations have increasingly adopted service mesh architectures to secure communication between containerized environments. This practice enhances traffic control and policy enforcement. Service meshes like Istio provide more control over network traffic, enhancing confidentiality and data integrity.

Service meshes also allow organizations to monitor traffic patterns and detect anomalies. Such visibility is crucial for identifying and responding to threats in real time. However, meshes introduce some complexities. Organizations should carefully balance these security advantages with resource demands.

Spotlight on Open Source Security Tools

Securing these environments becomes important as containerization becomes the cornerstone of modern app deployment. Open-source tools can help organizations address various challenges. Some of the top open-source tools to consider include:

Trivy

Trivy is an open-source tool from Aqua Security that offers excellent vulnerability scanning for container images and file systems. This tool stands out for its comprehensive vulnerability scanning ability, which makes it a must-have tool in business container security toolsets. Key features of Trivy include:

Wide vulnerability coverage: The tool scans for various vulnerabilities in container images. It also supports various languages and package managers, broadly covering potential threats.
Ease of use: The command-line interface is straightforward and requires minimal setup.
Community and support: As an open-source project, Trivy benefits from contributions from a vibrant community of developers. This collaborative environment ensures that it remains up-to-date.

Hadolint

This is another open-source linter that helps developers write secure Docker images. Hadolint evaluates Dockerfiles, ensuring they adhere to best practices like minimal image size, reduced number of layers, and more. These practices enhance the performance and security of container images.

Hadolint also provides security recommendations for improving Dockerfiles' security. For instance, it can suggest avoiding the "latest" tag, which has potential security vulnerabilities. The tool allows users to define custom configurations and rules to suit their requirements. Organizations can also benefit from Clair, Grype, Syft, and Kube-Bench. These tools play a crucial role in improving the container security landscape.

Future of Open Source Container Security Tools

The container security landscape continues evolving, with applications becoming more complex and new threats emerging. Open-source tools like Trivy will also likely undergo significant advancements to meet emerging challenges. As containerized environments become sophisticated, Trivy will expand its detection abilities. Its threat detection abilities will include supply chain attacks and new exploitation techniques.

Trivy will also evolve to adapt to the needs of modern architectures, especially hybrid and multi-cloud environments. On the other hand, Hadolint will feature advanced linting rules and a deeper integration with the container ecosystem. Hadolint will feature sophisticated features that address emerging performance and security issues in Dockerfiles.

However, the fast-paced culture of this environment will necessitate a community-driven approach to open-source tool development. Open-source communities allow for rapid response to emerging threats, leveraging collective expertise and resources.

Similarly, integrating open-source security tools into comprehensive security platforms is very possible. Integration of these tools will focus on enhancing interoperability and automation. This will require standardization of APIs and data formats to allow smooth data exchange and communication between these tools.

Lastly, new tools will emerge tailored to address specific vulnerabilities associated with evolving container technologies. These tools will likely focus on specific areas, like serverless security. New tools will also help organizations navigate complex compliance requirements. For instance, they will automate compliance checks and provide detailed reports to ensure containerized apps adhere to legal provisions.

Challenges and Considerations for the Future

Maintaining robust security becomes challenging as containerization becomes more distributed and dynamic. The main issues are:

Securing dynamic and distributed environments: This requires tools that adapt to diverse deployment environments, including on-premise data centers, edge devices, and multiple clouds.
Balancing agility and usability: Focusing overly on agility leads to misconfiguration, while stringent security practices hinder usability. Finding the perfect balance is key.
Legal and regulatory issues: Open-source tool development should adhere to a complex legal landscape. Compliance with data protection laws, software licensing and other legal issues becomes challenging.

Addressing these challenges requires collaboration and continuous innovation.

Keep Learning About Container Security

Container technologies offer great flexibility and scalability. However, they come with unique security challenges that necessitate innovative solutions. Fortunately, open-source tools play a crucial role in enhancing security. Their capabilities, ranging from vulnerability scanning to runtime monitoring, help secure container environments.

However, developers and professionals still need to contribute to enhancing the security of these projects. Participating in open-source communities helps shape the future of container security and ensures these tools meet the demands of modern applications.
Category: Hacking & Security

Tool Overload: Why MSPs Are Still Drowning with Countless Cybersecurity Tools in 2024

The Hacker News - 20 June, 2024 - 12:49
Highlights Complex Tool Landscape: Explore the wide array of cybersecurity tools used by MSPs, highlighting the common challenge of managing multiple systems that may overlap in functionality but lack integration. Top Cybersecurity Challenges: Discuss the main challenges MSPs face, including integration issues, limited visibility across systems, and the high cost and complexity of maintaining
Category: Hacking & Security

Chinese Cyber Espionage Targets Telecom Operators in Asia Since 2021

The Hacker News - 20 June, 2024 - 12:22
Cyber espionage groups associated with China have been linked to a long-running campaign that has infiltrated several telecom operators located in a single Asian country at least since 2021. "The attackers placed backdoors on the networks of targeted companies and also attempted to steal credentials," the Symantec Threat Hunter Team, part of Broadcom, said in a report shared with The Hacker News
Category: Hacking & Security

Slack wants to become the ‘long-term memory’ for organizations

Computerworld.com [Hacking News] - 20 June, 2024 - 12:00

Slack CEO Denise Dresser this week laid out what she sees as her company’s primary use for artificial intelligence (AI) in the future: making it easier for users to find key channel conversations and turn them into the basis for tasks and projects.

Dresser, a longtime Salesforce employee who took the reins of Slack six months ago, sat down with members of the media on Tuesday after her keynote address at Salesforce’s World Tour event in Boston. Much of the focus was on Slack’s integration with Salesforce’s Einstein Copilot.

(Salesforce acquired Slack in late 2020.)

What Slack will eventually be able to offer both its own and Salesforce’s users is a unified experience where AI oversees any influx of both structured and unstructured data and parses through it to offer users the most important summaries. Being able to find key moments in chats and knowing what happened in conversations is hard to navigate, Dresser said, and is at the heart of Slack’s AI integration.

“Sometimes AI can be the simplest thing that drives productivity,” she said. “So, we did Slack AI Search. With that, Slack becomes the long-term memory of your organization. …Being able to find things easily in a generative manner, where you actually get a summary of what you need to find, was a really big ‘Aha’ moment for us.”

AI’s adoption and integration into virtually every Slack function will continue to accelerate. Dresser pointed to an “evolution of skills” that has come with the adoption of the technology, including prompt engineering or the use of natural language processing to perform functions, such as the creation of software without traditional line-by-line coding.

“It took two months for ChatGPT to get to 100 million users, 15 years for the mobile phone to get to 100 million users, four years for Facebook to get to 100 million users. What I think we’re going to start to see is this [same] acceleration as people start to adopt it, and see productivity improvements,” Dresser said.

“We’re going to bring that into Canvas. It’s going to be in Workflow, it’s going to be in Huddle,” she continued. “So, you’ll see AI infused everywhere. It’s just going to be by your side in the application.”

Users, Dresser explained, won’t even know it’s AI with which they’re interacting; it will be a natural offshoot of the Slack functionality. For example, users would otherwise need to use a search window to weed through days of Slack messages they may have missed. Instead, an AI-infused Slack would quickly surface the most important message summaries.

In terms of future innovations, Dresser pointed to the recently launched Slack Lists feature, which automatically captures the most important parts of channel conversations and surfaces them to users.

Less than 34% of projects are completed on time and on budget, Dresser claimed, saying that users having to switch between tasks in applications was a significant drain on time and productivity. “We have millions of people working in Slack; why leave Slack?” she said. “We wanted to bring that capability for tasks, and lists, and projects into Slack. It starts right in a [Slack] conversation, where you’re able to start a task list from that conversation and start working on your project right there.”

The AI-infused communication and collaboration platform will eventually also suggest to its users the chat channels they should prioritize for project purposes. “That type of power in terms of capability is going to be ‘Aha’ moments for people,” Dresser said.

She noted that only about a third of employees in general use AI-powered platforms in their jobs — but those who do have seen an average 81% productivity increase by eliminating mundane tasks.

As AI continues to be integrated into Slack and Salesforce tools, one challenge will be maintaining the feel and “integrity” of what she called a “beloved” application.

“We’ve already integrated Slack, Sales Elevate, and Salesforce. Copilot’s integration is going to be great,” she said. “One of the things we thought deeply about was making sure the craft of Slack and the experience of Slack is maintained, even when thinking about architectural integration. Creating that experience that is very Slack-like and that’s efficient and productivity is something we’ve thought deeply about.”

Category: Hacking & Security

New Rust-based Fickle Malware Uses PowerShell for UAC Bypass and Data Exfiltration

The Hacker News - 20 June, 2024 - 10:09
A new Rust-based information stealer malware called Fickle Stealer has been observed being delivered via multiple attack chains with the goal of harvesting sensitive information from compromised hosts. Fortinet FortiGuard Labs said it's aware of four different distribution methods -- namely VBA dropper, VBA downloader, link downloader, and executable downloader -- with some of them using a
Category: Hacking & Security

US makes new move to rein in China’s advanced chip manufacturing

Computerworld.com [Hacking News] - 20 June, 2024 - 10:00

The US is once again trying to slow advances in China’s chip manufacturing industry, a move that is unlikely to pay dividends long term, but may help US business concerns in the very short term, according to analysts and other China technology experts. The outcome will shape the semiconductor industry in the years to come.

Reuters reported on the latest diplomatic efforts on Wednesday, noting that US export policy chief Alan Estevez is traveling in an attempt to expand a 2023 agreement between the US, Japan and the Netherlands “to keep chipmaking equipment from China that could help to modernize its military.”

But experts on Chinese technology strategies are skeptical the talks will yield much and, if anything is achieved, they are even more skeptical that it will help long-term. That said, even a short-term delay in China’s chip-making progress could give US companies more breathing room.

The negotiations are tricky. US negotiators must convince key governmental and industrial concerns to stop selling chip manufacturing equipment and materials to China, even though it means surrendering a massive amount of revenue.

Lithography systems a key lever

Japan’s chip strength comes from a wide range of materials and components, whereas the Netherlands’ specialty is lithography systems, the complex machines used to etch semiconductor designs on silicon wafers, said Mario Morales, the group VP overseeing semiconductor coverage for IDC. Lithography “is what makes the most advanced silicon today. These are all critical market segments, so it definitely slows things down, but China is absolutely investing in those spaces,” he said.

The sums of money at stake make the US diplomatic efforts unlikely to succeed, Morales said.

“Some 25 percent of Intel’s business is coming from China,” he said, adding that AMD, Nvidia, and Qualcomm also rely heavily on sales to China. And if the US negotiators are successful, Morales said that he expects China to retaliate.

The only argument that the US can make is long-term, Morales said. These companies all know that China is heavily investing in its own manufacturing operations, and it will only be a few years — Morales projects five to seven years — before China will no longer need materials from Japan and the Netherlands. Once that happens, China will cut off revenue to those companies anyway.

The argument goes that not cooperating with the US now may make the US less likely to be there for those companies when China no longer needs them. On the flip side, it’s unlikely the US would cut back on purchases from Japan and the Netherlands even if they don’t cooperate because US companies need their support. It’s not as though the US would want American companies to buy from China any more than is absolutely necessary.

“Most of these initiatives will fail. And even if they don’t, it only contains China for a short term,” Morales said.

Morales specified automotive, smartphone and China’s own AI operations as representing the bulk of China’s current chip investments.

Irina Tsukerman is a geopolitical analyst, a national security lawyer and the president of Scarab Rising, a global strategy advisory firm. Tsukerman argues that these talks are going to make things very awkward for some of these chip component and tooling manufacturers.

Short-term profit or long-term relationship

“The scramble over these restrictions means companies will be hard pressed to make a choice whether to take maximum advantage of that window of opportunity to make profit, likely at escalated prices, to sell that equipment to China,” Tsukerman said, “or get on the US good side early and voluntarily start cooperating with the additional restrictions with a possibility of gaining early leverage and scoring investments or other positive incentives from Washington, before negative incentives are introduced more broadly.”

But she agrees with the US efforts, arguing that they will likely succeed in the very short term.

“Until now, China has been able to capitalize on weak import-export controls, including via US-friendly countries, as well as loopholes in the type of equipment banned under restrictions, to continue apace with its development of its domestic chip industry,” Tsukerman said. “Netherlands and Japan remain in possession of some of the most advanced equipment for developing semiconductors. If these loopholes and restrictions are tightened, China will have a much harder time with making the breakthroughs it needs to circumvent the overall bans on AI chips.”

Tsukerman said that US government officials should also look inward, as China has taken advantage of ineffective enforcement from multiple US agencies. The US “should look towards its own import-export controls, because the occasional and sometimes systematic unwillingness of its agencies to enforce these controls has resulted in China exploiting additional loopholes to gain access to such equipment,” she said. 

Retaliatory measures

In terms of likely Chinese retaliation, the Chinese government would have many options. “The US and its allies should be preparing for a likely eventuality of China placing additional restrictions on the rare earth minerals and other raw materials used in the development of semiconductors to prevent the US and its counterparts from advancing further and making it easier for China to catch up even under restriction,” Tsukerman said.

Potentially more importantly, Tsukerman said the US focus on China might prove problematic, as these chip supplies could also come from various other countries. “Working only with the Netherlands and Japan to prevent China from gaining access to equipment is clearly insufficient. China has benefited from loose import-export controls in countries willing to sell that type of equipment produced with Dutch, Japanese, and/or joint US involvement to China with the same result. The coalition should work in tandem to shut down gray zones, possibly imposing secondary sanctions on countries willing to sell such equipment,” she said. “For now, the chipmaking equipment production is dominated by the US-led coalition. It is only a matter of time before other countries develop their own capabilities, BRICS members being the prime example,” she added, referring to the intergovernmental organization founded by Brazil, Russia, India, China and South Africa and more recently expanded to include Egypt, Ethiopia, Iran, and the United Arab Emirates.

Tsukerman said recent US efforts to negotiate with India may be a good move. “India could still be helpful to chipmaking production in any of the expanded BRICS members in many other ways. Meanwhile, such restrictions certainly do not apply to any of the other members, including Saudi Arabia, which is dedicating billions to start a regional semiconductor hub and may receive China’s assistance in exchange for providing China with such equipment.”

Brian Levine, a managing partner with Ernst & Young who was one of the US Department of Justice’s representatives in the US law enforcement Joint Liaison Group (JLG) with China, said that he sees even a minuscule delay in China’s chip-making efforts as worthwhile for US interests.

War is waged with microchips

“Progress is progress and the same is true for the delay of progress. These days, war is waged not with guns, but with microchips,” Levine said. “Win the war on microchips and you may win the war generally. I think the administration is trying to pull what levers it can. The degree to which it will be effective will depend on many factors that are unknowable at this point, such as the level of international cooperation with the effort.”  

Although some have raised questions of hypocrisy with the US trying to pressure China into not doing what it is actively doing, Levine disagrees. “Much of this technology was likely stolen from the US and other countries, so I have limited sympathy for those who may get worked up about the US attempting to impose such restrictions.”

Robert Khachatryan, the CEO of Freight Right Global Logistics, is also uncertain about how much of an impact the US diplomatic efforts will make. 

“Although the restrictions may slow China’s progress in the short term, it is uncertain if they will be sufficient to halt it entirely. China has been increasing its investments in domestic chip production, aiming for self-sufficiency,” Khachatryan said. “Restricting China’s access to AI chip technology could disrupt global supply chains and commerce, as China accounts for 24 percent of global semiconductor consumption. Such restrictions might slow worldwide production and distribution and shift trade dynamics, with countries seeking alternative suppliers.”

Category: Hacking & Security

Experts Uncover New Evasive SquidLoader Malware Targeting Chinese Organizations

The Hacker News - 20 June, 2024 - 08:34
Cybersecurity researchers have uncovered a new evasive malware loader named SquidLoader that spreads via phishing campaigns targeting Chinese organizations. AT&T LevelBlue Labs, which first observed the malware in late April 2024, said it incorporates features that are designed to thwart static and dynamic analysis and ultimately evade detection. Attack chains leverage phishing emails that
Category: Hacking & Security

Kraken Crypto Exchange Hit by $3 Million Theft Exploiting Zero-Day Flaw

The Hacker News - 19 June, 2024 - 18:40
Crypto exchange Kraken revealed that an unnamed security researcher exploited an "extremely critical" zero-day flaw in its platform to steal $3 million in digital assets and refused to return them. Details of the incident were shared by Kraken's Chief Security Officer, Nick Percoco, on X (formerly Twitter), stating it received a Bug Bounty program alert from the researcher about a bug that "
Category: Hacking & Security

Microsoft bolsters quantum platform with gen AI, molecular simulation capabilities

Computerworld.com [Hacking News] - 19 June, 2024 - 18:26

Microsoft has added generative artificial intelligence and other enhanced features to its quantum-computing platform as part of a larger strategy to deliver the game-changing technology to a broader range of users — in this case, the scientific community.

The company on Wednesday unveiled the release of Generative Chemistry and Accelerated DFT, which together expand how scientists in the chemicals and materials science industry can use its Azure Quantum Elements platform to help drastically shorten the time it takes them to do research, the company said in a blog post.

“Just as generative AI has unleashed new waves of creativity and improved productivity with collaborative tools like Copilot, we are now bringing AI and natural language processing capabilities to science,” according to the post, attributed to Jason Zander, EVP, Strategic Missions and Technologies.

Category: Hacking & Security

UNC3886 Uses Fortinet, VMware 0-Days and Stealth Tactics in Long-Term Spying

The Hacker News - 19 June, 2024 - 17:09
The China-nexus cyber espionage actor linked to the zero-day exploitation of security flaws in Fortinet, Ivanti, and VMware devices has been observed utilizing multiple persistence mechanisms in order to maintain unfettered access to compromised environments. "Persistence mechanisms encompassed network devices, hypervisors, and virtual machines, ensuring alternative channels remain available
Category: Hacking & Security

New Case Study: Unmanaged GTM Tags Become a Security Nightmare

The Hacker News - 19 June, 2024 - 13:03
Are your tags really safe with Google Tag Manager? If you've been thinking that using GTM means that your tracking tags and pixels are safely managed, then it might be time to think again. In this article we look at how a big-ticket seller that does business on every continent came unstuck when it forgot that you can’t afford to allow tags to go unmanaged or become misconfigured.  Read the
Category: Hacking & Security
