Modernizing Vulnerability Management: The Move Toward Exposure Management

Modernizing Vulnerability Management: The Move Toward Exposure Management,

Managing vulnerabilities in the constantly evolving technological landscape is a difficult task. Although vulnerabilities emerge regularly, not all vulnerabilities present the same level of risk. Traditional metrics such as CVSS score or the number of vulnerabilities are insufficient for effective vulnerability management as they lack business context, prioritization, and understanding of

,

Managing vulnerabilities in the constantly evolving technological landscape is a difficult task. Although vulnerabilities emerge regularly, not all vulnerabilities present the same level of risk. Traditional metrics such as CVSS score or the number of vulnerabilities are insufficient for effective vulnerability management as they lack business context, prioritization, and understanding of

, ,
https://thehackernews.com/2023/04/modernizing-vulnerability-management.html

Lazarus Subgroup Targeting Apple Devices with New RustBucket macOS Malware

Lazarus Subgroup Targeting Apple Devices with New RustBucket macOS Malware,

A financially-motivated North Korean threat actor is suspected to be behind a new Apple macOS malware strain called RustBucket.
« [RustBucket] communicates with command and control (C2) servers to download and execute various payloads, » Jamf Threat Labs researchers Ferdous Saljooki and Jaron Bradley said in a technical report published last week. 
The Apple device management company attributed it

,

A financially-motivated North Korean threat actor is suspected to be behind a new Apple macOS malware strain called RustBucket.
« [RustBucket] communicates with command and control (C2) servers to download and execute various payloads, » Jamf Threat Labs researchers Ferdous Saljooki and Jaron Bradley said in a technical report published last week. 
The Apple device management company attributed it

, ,
https://thehackernews.com/2023/04/lazarus-subgroup-targeting-apple.html

Google Cloud Introduces Security AI Workbench for Faster Threat Detection and Analysis

Google Cloud Introduces Security AI Workbench for Faster Threat Detection and Analysis,

Google’s cloud division is following in the footsteps of Microsoft with the launch of Security AI Workbench that leverages generative AI models to gain better visibility into the threat landscape. 
Powering the cybersecurity suite is Sec-PaLM, a specialized large language model (LLM) that’s « fine-tuned for security use cases. »
The idea is to take advantage of the latest advances in AI to augment

,

Google’s cloud division is following in the footsteps of Microsoft with the launch of Security AI Workbench that leverages generative AI models to gain better visibility into the threat landscape. 
Powering the cybersecurity suite is Sec-PaLM, a specialized large language model (LLM) that’s « fine-tuned for security use cases. »
The idea is to take advantage of the latest advances in AI to augment

, ,
https://thehackernews.com/2023/04/google-cloud-introduces-security-ai.html

Google Authenticator App Gets Cloud Backup Feature for TOTP Codes

Google Authenticator App Gets Cloud Backup Feature for TOTP Codes,

Search giant Google on Monday unveiled a major update to its 12-year-old Authenticator app for Android and iOS with an account synchronization option that allows users to back up their time-based one-time passwords (TOTPs) codes to the cloud.
« This change means users are better protected from lockout and that services can rely on users retaining access, increasing both convenience and security, »

,

Search giant Google on Monday unveiled a major update to its 12-year-old Authenticator app for Android and iOS with an account synchronization option that allows users to back up their time-based one-time passwords (TOTPs) codes to the cloud.
« This change means users are better protected from lockout and that services can rely on users retaining access, increasing both convenience and security, »

, ,
https://thehackernews.com/2023/04/google-authenticator-app-gets-cloud.html

Russian Hackers Tomiris Targeting Central Asia for Intelligence Gathering

Russian Hackers Tomiris Targeting Central Asia for Intelligence Gathering,

The Russian-speaking threat actor behind a backdoor known as Tomiris is primarily focused on gathering intelligence in Central Asia, fresh findings from Kaspersky reveal.
« Tomiris’s endgame consistently appears to be the regular theft of internal documents, » security researchers Pierre Delcher and Ivan Kwiatkowski said in an analysis published today. « The threat actor targets government and

,

The Russian-speaking threat actor behind a backdoor known as Tomiris is primarily focused on gathering intelligence in Central Asia, fresh findings from Kaspersky reveal.
« Tomiris’s endgame consistently appears to be the regular theft of internal documents, » security researchers Pierre Delcher and Ivan Kwiatkowski said in an analysis published today. « The threat actor targets government and

, ,
https://thehackernews.com/2023/04/russian-hackers-tomiris-targeting.html

Ransomware Hackers Using AuKill Tool to Disable EDR Software Using BYOVD Attack

Ransomware Hackers Using AuKill Tool to Disable EDR Software Using BYOVD Attack,

Threat actors are employing a previously undocumented « defense evasion tool » dubbed AuKill that’s designed to disable endpoint detection and response (EDR) software by means of a Bring Your Own Vulnerable Driver (BYOVD) attack.
« The AuKill tool abuses an outdated version of the driver used by version 16.32 of the Microsoft utility, Process Explorer, to disable EDR processes before deploying

,

Threat actors are employing a previously undocumented « defense evasion tool » dubbed AuKill that’s designed to disable endpoint detection and response (EDR) software by means of a Bring Your Own Vulnerable Driver (BYOVD) attack.
« The AuKill tool abuses an outdated version of the driver used by version 16.32 of the Microsoft utility, Process Explorer, to disable EDR processes before deploying

, ,
https://thehackernews.com/2023/04/ransomware-hackers-using-aukill-tool-to.html

Study: 84% of Companies Use Breached SaaS Applications – Here’s How to Fix it for Free!

Study: 84% of Companies Use Breached SaaS Applications – Here’s How to Fix it for Free!

,

A recent review by Wing Security, a SaaS security company that analyzed the data of over 500 companies, revealed some worrisome information. According to this review, 84% of the companies had employees using an average of 3.5 SaaS applications that were breached in the previous 3 months. While this is concerning, it isn’t much of a surprise. The exponential growth in SaaS usage has security and

,

A recent review by Wing Security, a SaaS security company that analyzed the data of over 500 companies, revealed some worrisome information. According to this review, 84% of the companies had employees using an average of 3.5 SaaS applications that were breached in the previous 3 months. While this is concerning, it isn’t much of a surprise. The exponential growth in SaaS usage has security and

, ,
https://thehackernews.com/2023/04/study-84-of-companies-use-breached-saas.html

Hackers Exploit Outdated WordPress Plugin to Backdoor Thousands of WordPress Sites

Hackers Exploit Outdated WordPress Plugin to Backdoor Thousands of WordPress Sites,

Threat actors have been observed leveraging a legitimate but outdated WordPress plugin to surreptitiously backdoor websites as part of an ongoing campaign, Sucuri revealed in a report published last week.
The plugin in question is Eval PHP, released by a developer named flashpixx. It allows users to insert PHP code pages and posts of WordPress sites that’s then executed every time the posts are

,

Threat actors have been observed leveraging a legitimate but outdated WordPress plugin to surreptitiously backdoor websites as part of an ongoing campaign, Sucuri revealed in a report published last week.
The plugin in question is Eval PHP, released by a developer named flashpixx. It allows users to insert PHP code pages and posts of WordPress sites that’s then executed every time the posts are

, ,
https://thehackernews.com/2023/04/hackers-exploit-outdated-wordpress.html

Explosion des ransomwares : les attaques se multiplient en 2023

Explosion des ransomwares : les attaques se multiplient en 2023,

ransomware

Une vague de ransomwares submerge les entreprises. Au premier trimestre 2023, les logiciels malveillants ont extorqué de l’argent à plus de 800 sociétés. Ce sont les virus disponibles par abonnement qui sont pointés du doigt.

,

ransomware

Une vague de ransomwares submerge les entreprises. Au premier trimestre 2023, les logiciels malveillants ont extorqué de l’argent à plus de 800 sociétés. Ce sont les virus disponibles par abonnement qui sont pointés du doigt.

, ,
https://www.01net.com/actualites/explosion-ransomwares-attaques-multiplient-2023.html

New All-in-One « EvilExtractor » Stealer for Windows Systems Surfaces on the Dark Web

New All-in-One « EvilExtractor » Stealer for Windows Systems Surfaces on the Dark Web

,

A new « all-in-one » stealer malware named EvilExtractor (also spelled Evil Extractor) is being marketed for sale for other threat actors to steal data and files from Windows systems.
« It includes several modules that all work via an FTP service, » Fortinet FortiGuard Labs researcher Cara Lin said. « It also contains environment checking and Anti-VM functions. Its primary purpose seems to be to

,

A new « all-in-one » stealer malware named EvilExtractor (also spelled Evil Extractor) is being marketed for sale for other threat actors to steal data and files from Windows systems.
« It includes several modules that all work via an FTP service, » Fortinet FortiGuard Labs researcher Cara Lin said. « It also contains environment checking and Anti-VM functions. Its primary purpose seems to be to

, ,
https://thehackernews.com/2023/04/new-all-in-one-evilextractor-stealer.html