The Latest

Turns out that it’s easy to broadcast radio commands that force Polish trains to stop:

…the saboteurs appear to have sent simple so-called “radio-stop” commands via radio frequency to the trains they targeted. Because the trains use a radio system that lacks encryption or authentication for those commands, Olejnik says, anyone with as little as $30 of off-the-shelf radio equipment can broadcast the command to a Polish train—sending a series of three acoustic tones at a 150.100 megahertz frequency—and trigger their emergency stop function.

“It is three tonal messages sent consecutively. Once the radio equipment receives it, the locomotive goes to a halt,” Olejnik says, pointing to a document outlining trains’ different technical standards in the European Union that describes the “radio-stop” command used in the Polish system. In fact, Olejnik says that the ability to send the command has been described in Polish radio and train forums and on YouTube for years. “Everybody could do this. Even teenagers trolling. The frequencies are known. The tones are known. The equipment is cheap.”

Even so, this is being described as a cyberattack.


from Schneier on Security https://ift.tt/xlnWIeJ

Cloud Native Application Protection Platforms (CNAPPs) have emerged as a critical category of security tooling in recent years due to the complexity of comprehensively securing multi-cloud environments, according to Cloud Security Alliance.

Secure cloud computing environment

Much of CNAPPs’ popularity has been driven by their ability to consolidate the capabilities of the numerous security tools organizations currently deploy, namely Cloud Security Posture Management (CSPM), Cloud Workload Protection (CWP), Cloud Infrastructure Entitlement Management (CIEM), network security, and secure DevOps.

“When considering the challenges facing today’s businesses, people and technology take center stage. On one hand, companies need to bolster the workforce with well-trained security professionals who understand their roles and responsibilities. On the other hand, there’s a pressing need for effective technology and tooling that both addresses the rapidly evolving landscape of cybersecurity threats while effectively supporting security teams,” said Hillary Baron, lead author and Senior Technical Director for Research, Cloud Security Alliance.

“It’s clear that today’s multi-cloud environments are increasingly complex, and enterprises must find ways to comprehensively address their security posture,” Baron continued.

“Many traditional security solutions still in use today just aren’t capable of adequately protecting increasingly dynamic and distributed multi-cloud strategies. As organizations navigate their path in the cloud, it’s imperative that they leverage solutions that offer an integrated approach to security. In doing so, they can better prepare themselves to handle the complex cybersecurity challenges of today and the future,” said Adwait Joshi, Director of Cloud Security product marketing at Microsoft.

Securing multi-cloud environments

Cloud native application protection platform

Three out of four organizations opt to use CNAPP to protect their multi-cloud environment. 75% of organizations have implemented or planned to implement CNAPPs in their cloud environments. One of the driving factors behind this move is the prevalence of multi-cloud strategies—84% of organizations reported utilizing two or more cloud environments.

Cloud security posture management

Security teams are demanding clear-cut information for proper prioritization. A flood of security alerts has made it difficult for security teams to manage and prioritize security enhancements.

32% of respondents disclosed that they’re struggling with prioritizing security improvements due to the overwhelming—and often incorrect—information they receive. Moreover, 34% find themselves buried under security recommendations, while an equivalent percentage lacks contextual or actionable insights to make informed decisions.

DevOps security

Despite growing recognition of the importance of DevOps security, expertise and talent shortages are hindering progress. Despite the trend toward shift-left security and DevSecOps, the incorporation of robust security measures within DevOps is still in its early stages, with significant obstacles hindering full integration.

Currently, 51% of organizations are in the process of integrating security into their DevOps practices, with only 35% reporting complete integration. The primary challenges include lack of security expertise (46%), insufficient automation (43%), an excessive number of false positives (42%), and lack of actionable feedback (42%).

Cloud workload protection

Challenges around incident response come back to people, process, and technology. The lack of manpower was identified as a significant challenge by 25% of respondents; an absence of formal response plans was reported by 29% of organizations; and 39% reported the lack of automation as a key challenge.

Network security

The most mature implementation, yet threat detection remains a challenge. Network security, out of all the categories, was the most mature. 43% of respondents reported full integration in a multi-cloud environment for network security, compared to just 28% for CSPM.

While the growing popularity of zero-trust strategies may be a key driver behind this level, organizations are still facing key challenges in network security, particularly concerning threat detection and the management of a large volume of security alerts.

Cloud infrastructure entitlement management

Misconfigurations top concern with permissions. 43% of organizations identified misconfigurations of permissions as their top concern. This prevalent issue can have serious repercussions, potentially leading to unauthorized access and even catastrophic data loss.

Misconfigurations can inadvertently expose sensitive data or grant unnecessary privileges, creating openings that could be exploited by malicious actors.


from Help Net Security https://ift.tt/Gsz28pl

The expansion of large language models (LLMs) in recent times has brought about a revolutionary change in machine learning processes and has introduced fresh perspectives on the potential of AI, according to Predibase.

Based on survey data from organizations experimenting with LLMs, researchers have found that enterprises are looking for ways to customize and deploy open-source LLMs without giving commercial vendors access to proprietary data, and they are exploring other use cases beyond generative AI capabilities.

“It is now open season for LLMs. Thanks to the widespread recognition of OpenAI’s ChatGPT, businesses are in an arms race to gain a competitive edge using the latest AI capabilities. Still, they require more customized LLMs to meet domain-specific use cases,” said Piero Molino, CEO of Predibase.

“This report highlights the need for the industry to focus on the real opportunities and challenges as opposed to blindly following the hype,” Molino added.

Enterprise adoption of LLMs

Less than a quarter of enterprises are comfortable using commercial LLMs. 33% cite concerns about sharing sensitive or proprietary data with commercial LLM vendors, leading to increased interest in privately hosted, open-source alternatives.

Open-source LLMs are gaining momentum. Nearly 77% of respondents either don’t use or don’t plan to use commercial LLMs beyond prototypes in production, citing concerns about privacy, cost, and lack of customization, leading to an uptick in open-source alternatives. Meta, for example, has moved away from building closed-source LLMs like LLaMA-1, replacing it with LLaMA-2, available as open-source and free for commercial and research applications.

While generative AI use cases remain popular, enterprises see the potential of other applications to provide business value. Information extraction is the second most popular use case (selected by 32.6% of respondents).

This involves leveraging LLMs to convert unstructured data like PDF documents or customer emails into structured tables for aggregate analytics. Next was Q&A and Search (15.2% of respondents), the brain in chatbots that provides accurate and relevant responses to user queries in real-time.

Customized LLMs

Organizations are turning to customized LLMs to achieve more accurate and tailored results. Most teams plan to customize their LLMs by fine-tuning (32.4%) or reinforcement learning with human feedback (27%). The roadblocks teams face with fine-tuning continue to be a lack of data (21%) and the overall complexity of the process, like managing infrastructure (46%).

“We see clear potential to improve the outcomes of our conservation efforts using customized open-source LLMs to help our teams generate insights and learnings from our large corpus of project reports,” said Dave Thau, Global Data and Technology Lead Scientist, World Wildlife Fund.

“The trick, of course, will rest not in building these outcomes but in ensuring that they deliver consistent, secure, responsible outcomes. With an increasing desire to customize and deploy open-source models, enterprises will need to invest in operational tooling and infrastructure capable of keeping up with the rapid pace of innovation in the open-source community,” Shimmin concluded.


from Help Net Security https://ift.tt/MIA3SBU
Photo: Mino Surkala (Shutterstock)

If you spend enough time surrounded by trees, you may come across some that have been marked with various colors of spray paint, using different symbols, letters, or numbers. In most cases, this is a type of code that public and private landowners use to denote the future of a tree. Here’s what to know about the meanings behind the colors.

What spray paint marks on trees mean

The first thing to know is that the colors, markings, and their meanings aren’t always consistent. That’s because there isn’t a universal color-coding system that all states, cities, landowners, and the U.S. Forest Service (USFS) have agreed upon.

According to Bill Cook, a forester and biologist at the Michigan State University Extension, the paint on trees in forests often represents timber sale contract specifications. In those cases, trees sold for timber are usually marked at both chest height and at the stump, on one or both sides of the tree, he explains.

The meanings of paint colors on trees

Though the meanings of the paint colors can differ depending on the location, here are some of the most common colors and markings found spray painted on trees, and what they can indicate:

  • Orange or Yellow: Trees that are scheduled to be harvested
  • Blue: Can be used to mark property lines
  • Purple: In many states, a vertical or square purple paint mark on trees or fenceposts is the equivalent of a “No Trespassing” sign
  • White circle: An endangered animal or bird lives in the tree
  • Red: Designates the boundary of USFS land; can also be used to mark the edge of the timber sale, especially on large pieces of property, like public or corporate land
  • Black: Acts as an “eraser” correcting a mistake

If you come across a tree on or near your property that’s marked with spray paint and it’s not the handiwork of someone in your household, your best bet is to contact your local extension office. They’ll be able to tell you what the color and marking mean, and if there are any other steps you should take.


from Lifehacker https://ift.tt/HFwQAjf
Photo: OlgaGi (Shutterstock)

If any of the major appliances in your home were to break, your dishwasher would probably be the least disruptive. Inconvenient? Sure. But given how many households don’t have a dishwasher at all, making do without yours for a bit probably wouldn’t be as bad as life without your refrigerator, for example.

So, if your dishwasher does happen to break, are you better off fixing it or buying a new one? The experts at Consumer Reports (CR) have created a guide and interactive tool to help you figure it out. Here’s what to know.

How to use CR’s interactive tool

You can access the interactive online tool on this page of the CR website. Use the sliders on the bottom of the tool to indicate how long you’ve owned your dishwasher, the original cost, and any estimate you have for a repair.

The color bar will then let you know whether you should definitely repair, consider a repair, or replace your dishwasher. If it indicates that you should replace your dishwasher, the tool provides recommendations for new models to consider.

Disposing of your old dishwasher 

According to CR research, it typically makes more financial sense to replace your dishwasher, because they lose value quickly, and professional repairs can be pricey, with a median repair cost of around $142.

But that doesn’t necessarily mean your old dishwasher has to end up in a landfill. Although appliances are notoriously difficult to recycle, you can try to find a retailer that will haul away—and ideally recycle—your old dishwasher when you purchase a new one.

It’s also a good idea to check with your local city/town or county government to see if there are dedicated appliance or large-item recycling days. Another option is using Earth 911’s search tool to find the nearest recycling center (by ZIP code).


from Lifehacker https://ift.tt/VxHipg1

Labor Day weekend is widely considered the unofficial end of summer, and whether that’s music to your ears, or thinking about the upcoming fall and winter seasons gets you down, you’re going to have to eat at some point. Fortunately, there are plenty of food deals and freebies to choose from this Labor Day weekend. Here are a few to consider.

Auntie Anne’s

From now through September 4, for every $30 purchased in gift cards, customers will receive an additional $5 in Auntie Anne’s Rewards AND $5 in Cinnabon Rewards to be used on a future visit. This offer is only available online.

Carvel

From August 28 through September 22, get a $5 Reward Card for every $25 spent on gift cards. This offer is only available online.

Cinnabon

From now through September 4, for every $30 purchased in gift cards, customers will receive an additional $5 in Auntie Anne’s Rewards AND $5 in Cinnabon Rewards to be used on a future visit. This offer is only available online.

Jamba

From September 1–4, Jamba loyalty members will receive a $5 Reward Card with the purchase of $25 in gift cards.

Marco’s Pizza

From September 5–7, get 30% off all menu-price pizzas using promo code LD30.

QDOBA

Reward members get 2x points on any purchase made between September 2–4.

TGI Friday’s

From Friday, September 1 through Monday, September 4, get 25% off platters, party trays, and family meal bundles by using promo code LABORDAY25 on online or call-in takeout orders. Plus, Fridays Rewards members can get free chips & salsa or $3 off any appetizer.

Vita Coco/DoorDash

On Tuesday, September 5, Vita Coco and DoorDash are teaming up to offer two deals:

First, get $9 off snacks and over-the-counter meds on orders from The Hangover Shop on DoorDash with the purchase of a Vita Coco. Second, get $9 off your total order from Bluestone Lane on DoorDash with the purchase of a coconut water cold brew.

Of course, these are only a few of the restaurant offers available this Labor Day weekend, and more will likely be announced leading up to the holiday. If there are any that you’d like to share, feel free to provide the details in a comment below.


from Lifehacker https://ift.tt/10LUwzk

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Week in review

Network detection and response in the modern era
In this Help Net Security interview, David Gugelmann, CEO at Exeon, sheds light on the current cyber threats and their challenges for network security. He discusses the role of Network Detection and Response (NDR) solutions that leverage machine learning algorithms to improve threat detection and streamline incident response.

Lazarus Group exploited ManageEngine vulnerability to target critical infrastructure
North Korean state-sponsored hackers Lazarus Group have been exploiting a ManageEngine ServiceDesk vulnerability (CVE-2022-47966) to target internet backbone infrastructure and healthcare institutions in Europe and the US.

Maintaining consistent security in diverse cloud infrastructures
In this Help Net Security interview, Kennedy Torkura, CTO at Mitigant, discusses the complexity of maintaining clear visibility into cloud environments, why it poses such a challenge for CISOs, and how they can prepare to address potential issues.

Anticipating the next wave of IoT cybersecurity challenges
In this Help Net Security interview, Roland Atoui, Managing Director at Red Alert Labs, discusses the intricacies of transitioning from isolated IoT setups to interconnected environments, examining the broadening attack surface and the nuanced complexities this evolution imposes.

AI and the evolution of surveillance systems
In this Help Net Security interview, Gerwin van der Lugt, CTO at Oddity, discusses the future of surveillance and AI’s influence. He also delves into how organizations can prevent their systems from perpetuating biases or violating individual rights.

IEEE 802.11az provides security enhancements, solves longstanding problems
In this Help Net Security interview, Jonathan Segev, IEEE 802.11 Task Group (TG) Chair of next-generation positioning (TGaz) at IEEE, discusses IEEE 802.11az. The new standard will enable accuracy to less than 0.1 meters, which is a significant improvement from the current Wi-Fi location accuracy of 1-2 meters.

8 open-source OSINT tools you should try
Open-Source Intelligence (OSINT) refers to gathering, assessing, and interpreting public information to address specific intelligence queries. All the tools listed here are available for free.

Chrome will tell users when extensions they use are removed from Chrome Web Store
Google will be extending the Safety check feature within the Chrome browser to alert users when a previously installed extension is no longer available in the Chrome Web Store.

WinRAR vulnerable to remote code execution, patch now! (CVE-2023-40477)
RARLAB has fixed a high-severity RCE vulnerability (CVE-2023-40477) in the popular file archiver tool WinRAR. CVE-2023-40477 is a remote code execution vulnerability that could allow remote threat actors to execute arbitrary code on an affected WinRAR installation.

Juniper Networks fixes flaws leading to RCE in firewalls and switches
Juniper Networks has fixed four vulnerabilities (CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, CVE-2023-36847) in Junos OS that, if chained together, could allow attackers to achieve remote code execution (RCE) on the company’s SRX firewalls and EX switches.

Seiko joins growing list of ALPHV/BlackCat ransomware victims
Japanese watchmaker Seiko has been added to ALPHV (BlackCat) ransomware group’s victim list, following a data breach occurring in early August. With the investigation still ongoing, the company is working to prevent additional damage and has urged customers and business partners to contact them if they receive unsolicited emails or notifications.

Ivanti Sentry zero-day vulnerability exploited, patch ASAP! (CVE-2023-38035)
Ivanti is urging administrators of Ivanti Sentry (formerly MobileIron Sentry) gateways to patch a newly discovered vulnerability (CVE-2023-38035) that could be exploited to change configuration, run system commands, or write files onto the vulnerable system.

Open redirect flaws increasingly exploited by phishers
Phishing attacks using open redirect flaws are on the rise again, according to Kroll’s Cyber Threat Intelligence (CTI) team, which means organizations should consider refreshing employees’ awareness and knowledge on how to spot them.

Bogus OfficeNote app delivers XLoader macOS malware
A new macOS-specific variant of the well-known XLoader malware is being delivered disguised as the “OfficeNote” app. XLoader is a malware-as-a-service infostealer and botnet that has been active since 2015, but first appeared as a macOS variant in 2021, written in Java.

Surge in identity crime victims reporting suicidal thoughts
Identity theft can have great financial impact on the victims, but the experienced emotional, physical and psychological impact can be even more devastating, according to the 2023 Consumer Impact Report from the Identity Theft Resource Center (ITRC) and Experian.

Attackers exploited WinRAR zero-day for months to steal money from brokers (CVE-2023-38831)
Financially-motivated attackers have exploited a zero-day vulnerability in WinRAR (CVE-2023-38831) to trick traders into installing malware that would allow them to steal money from broker accounts.

Kali Linux 2023.3 released: Kali NetHunter app redesign, 9 new tools, and more!
Offensive Security has released Kali Linux 2023.3, the latest version of its penetration testing and digital forensics platform. Kali Linux 2023.3 introduces a redesigned Kali NetHunter app and a completely new NetHunter Terminal.

Bitwarden launches E2EE Secrets Manager
Bitwarden, a popular open-source password management service, has released Bitwarden Secrets Manager, an open-source, end-to-end encrypted solution that helps development, IT and DevOps teams store, manage, automate, and share secrets.

Cloud hosting firms hit by devastating ransomware attack
Danish cloud hosting firms CloudNordic and Azero – both owned by Certiqa Holding – have suffered a ransomware attack that resulted in most customer data being stolen and systems and servers rendered inaccessible.

Google Workspace: New account security, DLP capabilities announced
New capabilities in Google Workspace will help enterprises improve account and data security, by making unauthorized takeover of admin and user accounts and exfiltration of sensitive data more difficult.

The complex world of CISO responsibilities
In this Help Net Security round-up, we present segments from previously recorded videos featuring experts in the field who shed light on the crucial responsibilities and challenges that define the world of CISOs.

Understanding how attackers exploit APIs is more important than ever
In this Help Net Security video, Andy Hornegold, Product Lead at Intruder, dives into API security and explores how several recent high-profile breaches were caused by simple failings – which didn’t require sophisticated security to prevent.

How the downmarket impacted enterprise cybersecurity budgets
In this Help Net Security video, Sara Behar, Content Manager at YL Ventures, discusses how enterprise cybersecurity budgets have been impacted by the downmarket and how vendors can adapt.

How digital identity protects connected cars
In this Help Net Security video, Eve Maler, CTO at ForgeRock, discusses how digital identity can help create a more secure connected car experience and what car manufacturers should consider regarding data privacy regulation.

How EU lawmakers can make mandatory vulnerability disclosure responsible
There is a standard playbook and best practice for when an organization discovers or is notified about a software vulnerability: The organization works quickly to fix the problem and, once a fix is available, discloses that vulnerability for the benefit of the community.

IT’s rising role in physical security technology
As the adoption of cloud-based and mobile-access security systems continues to increase among both new and established businesses, the lines between traditional physical security personnel and IT staff are beginning to blur.

Does a secure coding training platform really work?
As security vulnerabilities are reported to you time and again, you may ask yourself: “Why don’t these developers learn the lesson?” The next thing you may think is: “We should train developers, so they stop making these mistakes.”

Cybersecurity insurance is missing the risk
Cybersecurity insurance is a rapidly growing market, swelling from approximately $13B in 2022 to an estimated $84B in 2030 (26% CAGR), but insurers are struggling with quantifying the potential risks of offering this type of insurance.

ImmuniWeb introduces ImmuniWeb Neuron Mobile, an automated mobile app security testing solution
ImmuniWeb has introduced ImmuniWeb Neuron Mobile – its 6th product available on the ImmuniWeb AI Platform that currently covers over 20 cybersecurity, privacy and compliance use cases.

Organizations invest in AI tools to elevate email security
To counteract new and emerging threat methods enhanced by artificial intelligence, specialized email security vendors are leveraging a synergy of AI and human insights to enhance email security, according to IRONSCALES and Osterman Research.

Large-scale breaches overshadow decline in number of healthcare data incidents
While H1 2023 saw an encouraging decrease in the overall number of data breaches impacting healthcare organizations, it was overshadowed by large-scale breaches resulting in a significant increase in the number of individuals affected, which reached record levels, according to Critical Insight.

Cybercriminals turn to AI to bypass modern email security measures
Cybercriminals employ artificial intelligence (AI) to create complex email threats like phishing and business email compromise (BEC) attacks, while modern email security systems use AI to counter these attacks, according to Perception Point and Osterman Research.

Lack of visibility into cloud access policies leaves enterprises flying blind
Fragmented access policies are the top security concern in multi-cloud environments, with more than 75% of enterprises reporting they do not know where applications are deployed and who has access to them, according to Strata Identity.

Unrealistic expectations exacerbate the cybersecurity talent shortage
Consumers believe today’s cybersecurity talent shortage is in large part due to limited exposure to the profession and a lack of cybersecurity education and training at a younger age within school systems, according to ThreatX.

Ransomware dwell time hits new low
Median attacker dwell time—the time from when an attack starts to when it’s detected—shrunk from 10 to eight days for all attacks, and to five days for ransomware attacks during the first half of 2023, according to Sophos.

New infosec products of the week: August 25, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Security Onion, OffSec, ImmuniWeb, LOKKER, Kingston Digital and Bitwarden.


from Help Net Security https://ift.tt/iNLIzHw