Microsoft’s new Security Copilot will help network admins respond to threats in minutes, not days

[…] with Microsoft’s unveiling of the new Security Copilot AI at its inaugural Microsoft Secure event. The automated enterprise-grade security system is powered by OpenAI’s GPT-4, runs on the Azure infrastructure and promises admins the ability “to move at the speed and scale of AI.” Security Copilot is similar to the large language model (LLM) […]

GitHub.com rotates its exposed private SSH key

GitHub has rotated its private SSH key for GitHub.com after the secret was accidentally published in a public GitHub repository. The software development and version control service says the private RSA key was only “briefly” exposed, but that it took action out of “an abundance of caution.” Unclear window of exposure In a succinct blog post published today, GitHub acknowledged discovering this […]

Planting Undetectable Backdoors in Machine Learning Models

[…] We show how a malicious learner can plant an undetectable backdoor into a classifier. On the surface, such a backdoored classifier behaves normally, but in reality, the learner maintains a mechanism for changing the classification of any input, with only a slight perturbation. Importantly, without the appropriate “backdoor key,” the mechanism is hidden and […]

Whistleblowers Take Note: Don’t Trust Cropping Tools – you can often uncrop them

[…] It is, in fact, possible to uncrop images and documents across a variety of work-related computer apps. Among the suites that include the ability are Google Workspace, Microsoft Office, and Adobe Acrobat. Being able to uncrop images and documents poses risks for sources who may be under the impression that cropped materials don’t contain […]

DNA Diagnostics Center DCC Forgot About 2.1m Clients’ Data, Leaked It

A prominent DNA testing firm has settled a pair of lawsuits with the attorneys general of Pennsylvania and Ohio after a 2021 episode that saw cybercriminals steal data on 2.1 million people, including the social security numbers of 45,000 customers from both states. As a result of the lawsuits, the company in question, DNA Diagnostics Center […]

It Took Months For Anker To Finally Admit Its Eufy Cameras Weren’t Really Secure

Last November, The Verge discovered that Anker, the maker of popular USB chargers and the Eufy line of “smart” cameras, had a bit of a security issue. Despite the fact the company advertised its Eufy cameras as having “end-to-end” military-grade encryption, security researcher Paul Moore and a hacker named Wasabi found it was pretty easy to intercept […]

European Police Arrest 42 After Cracking another Covert comms App: Exclu

European police arrested 42 suspects and seized guns, drugs and millions in cash, after cracking another encrypted online messaging service used by criminals, Dutch law enforcement said Friday. Police launched raids on 79 premises in Belgium, Germany and the Netherlands following an investigation that started back in September 2020 and led to the shutting down […]

Corrupt NOTAM database file and backup led to the FAA ground stoppage.

Officials are still trying to figure out exactly what led to the Federal Aviation Administration system outage on Wednesday but have traced it to a corrupt file, which was first reported by CNN. In a statement late Wednesday, the FAA said it was continuing to investigate the outage and “take all needed steps to prevent […]

Citizen’s volunteer ‘safety’ app accidentally doxxes singer Billie Eilish

Citizen, the provocative crime-reporting app formerly known as Vigilante, is in the news again for all the wrong reasons. On Thursday evening, it doxxed singer Billie Eilish, publishing her address to thousands of people after an alleged burglary at her home. Shortly after the break-in, the app notified users of a break-in in Los Angeles’ […]

Connected car security is very poor – fortunately they do actually take it seriously, fix bugs quickly

Multiple bugs affecting millions of vehicles from almost all major car brands could allow miscreants to perform any manner of mischief — in some cases including full takeovers — by exploiting vulnerabilities in the vehicles’ telematic systems, automotive APIs and supporting infrastructure, according to security researchers. Specifically, the vulnerabilities affect Mercedes-Benz, BMW, Rolls Royce, Ferrari, […]

LastPass is being sued following major cyberattack

[…] According to the class action complaint filed in a Massachusetts court, names, usernames, billing addresses, email addresses, telephone numbers, and even the IP addresses used to access the service were all made available to wrongdoers. The final straw in the hat could have been the leak of customers’ unencrypted vault data, which includes all […]

FBI warns of fake shopping sites – recommends to use an ad blocker

The FBI is warning the public that cyber criminals are using search engine advertisement services to impersonate brands and direct users to malicious sites that host ransomware and steal login credentials and other financial information. […] Cyber criminals purchase advertisements that appear within internet search results using a domain that is similar to an actual […]

LastPass breached again

In keeping with our commitment to transparency, I wanted to inform you of a security incident that our team is currently investigating. We recently detected unusual activity within a third-party cloud storage service, which is currently shared by both LastPass and its affiliate, GoTo. We immediately launched an investigation, engaged Mandiant, a leading security firm, […]

Token tactics: How to prevent, detect, and respond to cloud token theft

[…] Recently, the Microsoft Detection and Response Team (DART) has seen an increase in attackers utilizing token theft for this purpose. By compromising and replaying a token issued to an identity that has already completed multifactor authentication, the threat actor satisfies the validation of MFA and access is granted to organizational resources accordingly. This poses […]

Fix the Android Security Flaw That Lets Anyone Unlock Your Phone

[…] If an attacker inserts their own SIM into a target’s Android, then enters the wrong SIM PIN three times, they can enter their SIM’s PUK to be able to create a new SIM PIN. Once they do, they bypass the lock screen entirely and access the phone. You can watch the hypothetical attack play […]

Introducing Shufflecake: plausible deniability for multiple hidden filesystems on Linux

Today we are excited to release Shufflecake, a tool aimed at helping people whose freedom of expression is threatened by repressive authorities or dangerous criminal organizations, in particular: whistleblowers, investigative journalists, and activists for human rights in oppressive regimes. Shufflecake is FLOSS (Free/Libre, Open Source Software). Source code in C is available and released under […]

Lenovo driver goof poses security risk for users of 25 notebook models

More than two dozen Lenovo notebook models are vulnerable to malicious hacks that disable the UEFI secure-boot process and then run unsigned UEFI apps or load bootloaders that permanently backdoor a device, researchers warned on Wednesday. At the same time that researchers from security firm ESET disclosed the vulnerabilities, the notebook maker released security updates […]

Egypt’s COP27 summit app can read your emails and encrypted messages, scan your device, send your location

Western security advisers are warning delegates at the COP27 climate summit not to download the host Egyptian government’s official smartphone app, amid fears it could be used to hack their private emails, texts and even voice conversations. […] The potential vulnerability from the Android app, which has been downloaded thousands of times and provides a […]

AstraZeneca puts username and password on GitHub, exposes patient data in test environment for a year

Pharmaceutical giant AstraZeneca has blamed “user error” for leaving a list of credentials online for more than a year that exposed access to sensitive patient data. Mossab Hussein, chief security officer at cybersecurity startup SpiderSilk, told TechCrunch that a developer left the credentials for an AstraZeneca internal server on code sharing site GitHub in 2021. […]

Wi-Peep drone locates all your wifi devices and maps them in your home, can tell if your watch is moving around

We present Wi-Peep – a new location-revealing privacy attack on non-cooperative Wi-Fi devices. Wi-Peep exploits loopholes in the 802.11 protocol to elicit responses from Wi-Fi devices on a network that we do not have access to. It then uses a novel time-of-flight measurement scheme to locate these devices. Wi-Peep works without any hardware or software […]

British govt is scanning all Internet devices hosted in UK

The United Kingdom’s National Cyber Security Centre (NCSC), the government agency that leads the country’s cyber security mission, is now scanning all Internet-exposed devices hosted in the UK for vulnerabilities. The goal is to assess UK’s vulnerability to cyber-attacks and to help the owners of Internet-connected systems understand their security posture. “These activities cover any […]

Multi-factor authentication bombing fatigue can blow open security

The September cyberattack on ride-hailing service Uber began when a criminal bought the stolen credentials of a company contractor on the dark web. The miscreant then repeatedly tried to log into the contractor’s Uber account, triggering the two-factor login approval request that the contractor initially denied, blocking access. However, eventually the contractor accepted one of […]

Whoops! Amazon Left Prime Video DB with viewing habits (Named ‘Sauron’) Unprotected – yup Elasticsearch

Amazon didn’t protect one of its internal servers, allowing anyone to view a database named “Sauron” which was full of Prime Video viewing habits. As TechCrunch reports, the unprotected Elasticsearch database was discovered by security researcher Anurag Sen. Contained within the database, which anyone who knew the […]

Thomson Reuters leaked at least 3TB of sensitive data – yes, open elasticsearch instances

The Cybernews research team found that Thomson Reuters left at least three of its databases accessible for anyone to look at. One of the open instances, the 3TB public-facing ElasticSearch database, contains a trove of sensitive, up-to-date information from across the company’s platforms. The company recognized the issue and fixed it immediately. Thomson Reuters provides […]

Advocate Aurora Health leaks 3 million patients’ data to big tech through webtracker installation

A hospital network in Wisconsin and Illinois fears visitor tracking code on its websites may have transmitted personal information on as many as 3 million patients to Meta, Google, and other third parties. Advocate Aurora Health (AAH) reported the potential breach to the US government’s Health and Human Services. As well as millions of patients, […]