Security News > 2023 > July

macOS Under Attack: Examining the Growing Threat and User Perspectives
2023-07-25 11:24

Inventive attackers are specifically targeting Mac systems, as seen with the "Geacon" Cobalt Strike tool attack. To understand the state of cybersecurity on the Mac, the Moonlock team, a dedicated group of MacPaw's researchers and engineers focused on the cybersecurity needs of Mac users, conducted a survey.

How to Create a Custom Security & Threat Dashboard in Power BI
2023-07-25 11:17

Want a custom security dashboard to bring together data from multiple places? Microsoft Power BI can do that and help you spot what's changing. If the security tools you use don't have the right dashboards and reports to help you see at a glance what's going on with your systems, you can build them yourself in Power BI - and you don't need to be an expert in analytics to create something useful.

New York Using AI to Detect Subway Fare Evasion
2023-07-25 11:05

The details are scant-the article is based on a "Heavily redacted" contract-but the New York subway authority is using an "AI system" to detect people who don't pay the subway fare. Joana Flores, an MTA spokesperson, said the AI system doesn't flag fare evaders to New York police, but she declined to comment on whether that policy could change.

TETRA:BURST — 5 New Vulnerabilities Exposed in Widely Used Radio Communication System
2023-07-25 10:28

A set of five security vulnerabilities have been disclosed in the Terrestrial Trunked Radio standard for radio communication used widely by government entities and critical infrastructure sectors, including what's believed to be an intentional backdoor that could have potentially exposed sensitive information. "Depending on infrastructure and device configurations, these vulnerabilities allow for real time decryption, harvest-now-decrypt-later attacks, message injection, user deanonymization, or session key pinning," the Netherlands-based cybersecurity company said.

Ivanti zero-day exploited to target Norwegian government (CVE-2023-35078)
2023-07-25 10:20

A zero-day vulnerability affecting Ivanti Endpoint Manager Mobile has been exploited to carry out an attack that affected 12 Norwegian ministries, the Norwegian National Security Authority has confirmed on Tuesday. On Monday, the Norwegian government said that the attack was detected on the ICT platform used by the 12 ministries, though it did not name the platform at the time.

How MDR Helps Solve the Cybersecurity Talent Gap
2023-07-25 10:18

How do you overcome today's talent gap in cybersecurity? This is a crucial issue - particularly when you find executive leadership or the board asking pointed questions about your security team's ability to defend the organization against new and current threats. The right MDR partner can act as an extension of your existing team, while offering a fast and budget-friendly option for uplevelling security at organizations of virtually any size.

Zenbleed: New Flaw in AMD Zen 2 Processors Puts Encryption Keys and Passwords at Risk
2023-07-25 10:03

A new security vulnerability has been discovered in AMD's Zen 2 architecture-based processors that could be exploited to extract sensitive data such as encryption keys and passwords. Discovered by Google Project Zero researcher Tavis Ormandy, the flaw - codenamed Zenbleed and tracked as CVE-2023-20593 - allows data exfiltration at the rate of 30 kb per core, per second.

Apple fixes exploited zero-day in all of its OSes (CVE-2023-38606)
2023-07-25 09:44

Apple has patched an exploited zero-day kernel vulnerability in iOS, iPadOS, macOS, watchOS and tvOS. CVE-2023-38606 fix has been backported. In early July, Apple fixed an actively exploited zero-day vulnerability in WebKit.

Norway says Ivanti zero-day was used to hack govt IT systems
2023-07-25 06:42

The Norwegian National Security Authority has confirmed that attackers used a zero-day vulnerability in Ivanti's Endpoint Manager Mobile solution to breach a software platform used by 12 ministries in the country. The Norwegian National Cyber ​​Security Center also notified all known MobileIron Core customers in Norway about the existence of a security update to address this actively exploited zero-day bug.

Inspiring secure coding: Strategies to encourage developers’ continuous improvement
2023-07-25 04:30

He sheds light on the significance of positive security culture, the reasons behind recurrent vulnerabilities, strategies for incorporating secure coding training without hampering development processes, the effectiveness of gamified learning experiences, the need for the regular refreshment of secure development training, and innovative methods to encourage developers to improve their secure coding techniques. How important is fostering a security culture within development teams for secure coding practices?