The Latest

Ransomware remains one of the most pressing cybersecurity threats in 2024, with attackers continually evolving their methods to maximize impact and evade detection.

In this Help Net Security round-up, we present excerpts from previously recorded videos featuring cybersecurity experts discussing ransomware-related topics such as payment practices, the recent surge in ransomware attacks, and more.

Complete videos

  • Steve Gwizdala, VP of Healthcare at ForgeRock, discusses how vigilance and new ways of enhancing cybersecurity measures will be crucial to healthcare organizations and businesses responsible for protecting consumers’ online information – across the entire supply chain.
  • Jordan Schroeder, Managing CISO at Barrier Networks, discusses ransomware payment practices.
  • Steve Winterfeld, Advisory CISO at Akamai, discusses the recent surge of ransomware attacks in the US and how it relates to microsegmentation.
  • Michelle Alvarez, Strategic Threat Analysis Manager at IBM X-Force, discusses the 2024 X-Force Threat Intelligence Index, revealing top threats and trends the team observed last year across its global engagements and how these shifts are forming the threat landscape in 2024 and beyond.
  • Jeremy Nichols, Director, Global Threat Intelligence Center at NTT Security Holdings, discusses a recent surge in ransomware incidents.

from Help Net Security https://ift.tt/RJaQD1w

Week in review

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Google fixes yet another Chrome zero-day exploited in the wild (CVE-2024-5274)
For the eighth time this year, Google has released an emergency update for its Chrome browser that fixes a zero-day vulnerability (CVE-2024-5274) with an in-the-wild exploit.

YouTube has become a significant channel for cybercrime
Social engineering threats – those which rely on human manipulation – account for most cyberthreats faced by individuals in 2024, according to Avast.

Authelia: Open-source authentication and authorization server
Authelia is an open-source authentication and authorization server that offers 2FA and SSO for applications through a web portal. It works alongside reverse proxies to permit, deny, or redirect requests.

Cybersecurity jobs available right now: May 22, 2024
We’ve scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field. Check out this weekly selection of cybersecurity jobs available right now.

Fail2Ban: Ban hosts that cause multiple authentication errors
Fail2Ban is an open-source tool that monitors log files, such as /var/log/auth.log, and blocks IP addresses that exhibit repeated failed login attempts. It does this by updating system firewall rules to reject new connections from those IP addresses for a configurable amount of time.

Strategies for transitioning to a SASE architecture
In this Help Net Security interview, Prakash Mana, CEO at Cloudbrink, discusses the primary challenges companies face when transitioning to a SASE architecture and how to overcome them.

Strategies for combating AI-enhanced BEC attacks
In this Help Net Security interview, Robert Haist, CISO at TeamViewer, discusses how AI is being leveraged by cybercriminals to enhance the effectiveness of BEC scams.

Grafana: Open-source data visualization platform
Grafana is an open-source solution for querying, visualizing, alerting, and exploring metrics, logs, and traces regardless of where they are stored.

US retailers under attack by gift card-thieving cyber gang
Earlier this month, the FBI published a private industry notification about Storm-0539 (aka Atlas Lion), a Morocco-based cyber criminal group that specializes in compromising retailers and creating fraudulent gift cards.

Compromised courtroom recording software was served from vendor’s official site
Courtroom recording software JAVS Viewer has been saddled with loader malware and has been served from the developer’s site since at least April 2, a threat researcher warned last month.

GitHub fixes maximum severity Enterprise Server auth bypass bug (CVE-2024-4985)
A critical, 10-out-of-10 vulnerability (CVE-2024-4985) allowing unrestricted access to vulnerable GitHub Enterprise Server (GHES) instances has been fixed by Microsoft-owned GitHub.

Windows’ new Recall feature: A privacy and security nightmare?
Microsoft has announced the Copilot+ line of Windows 11-powered PCs that, among other things, will have Recall, a feature that takes screenshots every few seconds, encrypts them, saves them, and leverages AI to allow users to search through them for specific content that has been viewed in apps, websites, documents, etc.

HHS pledges $50M for autonomous vulnerability management solution for hospitals
As organizations in the healthcare sector continue to be a prime target for ransomware gangs and CISA warns about a vulnerability (CVE-2023-43208) in a healthcare-specific platform being leveraged by attackers, the Advanced Research Projects Agency for Health (ARPA-H) has announced the Universal PatchinG and Remediation for Autonomous DEfense (UPGRADE) program aimed at developing a vulnerability management platform for healthcare IT teams.

Veeam fixes auth bypass flaw in Backup Enterprise Manager (CVE-2024-29849)
Veeam has patched four vulnerabilities in Backup Enterprise Manager (VBEM), one of which (CVE-2024-29849) may allow attackers to bypass authentication and log in to its web interface as any user.

15 QNAP NAS bugs and one PoC disclosed, update ASAP! (CVE-2024-27130)
Researchers have found 15 vulnerabilities in QNAP’s network attached storage (NAS) devices, and have released a proof-of-concept for one: an unauthenticated stack overflow vulnerability (CVE-2024-27130) that may be leveraged for remote code execution.

Critical Fluent Bit flaw affects major cloud platforms, tech companies’ offerings (CVE-2024-4323)
Tenable researchers have discovered a critical vulnerability (CVE-2024-4323) in Fluent Bit, a logging utility used by major cloud providers and tech companies, which may be leveraged for denial of service, information disclosure, or remote code execution.

PoC exploit for Ivanti EPMM privilege escalation flaw released (CVE-2024-22026)
Technical details about and a proof-of-concept (PoC) exploit for CVE-2024-22026, a privilege escalation bug affecting Ivanti EPMM, have been released by the vulnerability’s reporter.

CISOs pursuing AI readiness should start by updating the org’s email security policy
Over the past few years, traditional phishing messages — with their pervasive linguistic errors, thinly-veiled malicious payloads, and often outlandish pretexts — have been on the decline. Easily detected by most of today’s standard email security tools (and thoroughly unconvincing to most recipients), this prototypical form of phishing may soon be a thing of the past.

Cybercriminals shift tactics to pressure more victims into paying ransoms
Ransomware didn’t just grow in the US in 2023, it evolved, with the frequency of ransomware claims jumping 64% year-over-year, according to At-Bay.

2024 sees continued increase in ransomware activity
In this Help Net Security video, Ryan Bell, Threat Intelligence Manager at Corvus Insurance, discusses how ransomware will continue to grow in 2024.

The challenges of GenAI in fintech
While some organizations and their boards have an all-in mindset on GenAI’s usage, others are watching and waiting.

Phishing statistics that will make you think twice before clicking
This article includes excerpts from various reports that offer statistics and insights into the current phishing landscape.

Fighting identity fraud? Here’s why we need better tech
In this Help Net Security video, Patrick Harding, Chief Architect at Ping Identity, discusses the state of identity fraud prevention.

Consumers continue to overestimate their ability to spot deepfakes
The Jumio 2024 Online Identity Study reveals significant consumer concerns about the risks posed by generative AI and deepfakes, including the potential for increased cybercrime and identity fraud.

SEC requires financial institutions to notify customers of breaches within 30 days
The Securities and Exchange Commission (SEC) announced the adoption of amendments to Regulation S-P to modernize and enhance the rules that govern the treatment of consumers’ nonpublic personal information by certain financial institutions.

Technological complexity drives new wave of identity risks
Security leaders are facing increased technological and organizational complexity, which is creating a new wave of identity risks for their organizations, according to ConductorOne.

Product showcase: Alert – Data breach detector for your email, credit card, and ID
With Alert, you can easily monitor your most important credentials, such as your email, credit card, and ID. Alert will instantly notify you if it appears in breached online databases. This way, you can immediately secure your accounts and prevent more damage before it happens.

New infosec products of the week: May 24, 2024
Here’s a look at the most interesting products from the past week, featuring releases from CyberArk, OneTrust, PlexTrac, and Strike Graph.


from Help Net Security https://ift.tt/34Tn8Qx


Apparently, more than a third of us use credit cards to buy things just to get the rewards. It’s easy to see why—rewards, miles, and points are basically free stuff and money that can save us cash on shopping, travel, and many other things. And there are various strategies to maximize your rewards and get even more out of those programs. Money, free flights, and discounted hotel rooms are great, of course—but there are also some pretty unique rewards programs out there if you’d like to switch it up.

Socks

Yes, you read that right. If regularly purchasing new socks and undergarments is a stressful burden for you, start flying Swiss Air and you can use 3,000 miles to sign up for a BLACKSOCKS subscription and get your socks and underwear delivered to you without thought or effort. While the effort involved in buying (checks notes) socks may not seem so terrible, it does remove one small item from your to-do list, and all you have to do is fly places, which you were probably going to do anyway. So if socks are your thing, you do you.

Video games

If you’re a gamer, you know that video games are becoming incredibly expensive. With $70 games on the market and developers soaking you for every bit of downloadable content, weapons upgrade, and unlockable feature, it’s no surprise that we spend an average of $431 per household every year on gaming.

If that’s you, consider the PlayStation Plus Premium card, which comes with a year of PlayStation Plus Premium. That lets you access hundreds of game titles, gives you special discounts, and provides access to online multiplayer so you can battle it out with your friends. Or young children in foreign countries who have learned to say “git gud” phonetically.

Rent

Rents keep going up, and people are looking for creative ways to pay them. Even if your landlord or property management company will accept credit card payments, there’s usually a service fee, which is just salt in the wounds. That’s where the Bilt Rewards card comes in. When you open an account on this card, you can set up a routing and account number just like a checking account, allowing you to pay your rent with a credit card even if your landlord won’t accept a card. And you earn points on your rent payments, to boot.

Wine-tasting perks

Are you a wine enthusiast? Do you spend the GDP of a small nation in Sonoma every year to restock your cellar? Then the Visa Signature or Visa Infinite card is for you. You’ll get free tastings, discounted prices on bottles, and other perks that will make your next trip to Wine Country a little cheaper and a little more exclusive.

Super Bowl tickets

The Super Bowl is always one of the hottest tickets around, and getting tickets is difficult—and expensive. The cheapest tickets sold by the NFL to Super Bowl LVIII went for $2,000, but most tickets were priced much higher. And that’s if you can find a ticket at all.

Now, imagine you could buy Super Bowl tickets with points—which is something you can actually do if you have an NFL Extra Points Credit Card and use it a lot. A few years ago it took 175,000 points for two upper-level tickets (225,000 got you better seats), so you’re going to have to give that card a workout if you’re planning to be on the gridiron for Super Bowl LIX.


from LifeHacker https://ift.tt/BCFYh9r

A highlight of Max's June lineup is the season two debut of House of the Dragon (June 16), the HBO Original drama that tells the story of House Targaryen, 200 years before Game of Thrones begins. New episodes will drop on Sundays at 9 pm ET through August 4.

Max's HBO Original documentary slate this month covers sports, Broadway, rock music, and psychiatric treatment. First up is Here to Climb (June 18), which tracks professional sport climbing champ Sasha DiGiulian over the course of her career, followed by Slave Play. Not a Movie. A Play. (June 20), a behind-the-scenes look at the Broadway production that brought themes of race, sex, and interracial relationships to the stage.

Stevie Van Zandt: Disciple (June 22) is a feature-length look at the life of the musician, actor, and activist known as a member of Bruce Springsteen's E Street Band and cast of The Sopranos. One South: Portrait of a Psych Unit (June 25) is a two-part film that goes inside Zucker Hillside Hospital in Queens.

Fans of Hacks (and comedy) will appreciate Everything Must Go (June 13), the debut standup special from Hannah Einbinder.

Finally, there's Problemista (June 28), an A24 film starring Julio Torres—also the writer and director—as an aspiring toy designer from El Salvador navigating the art world and immigration system. Other cast include Tilda Swinton, RZA, Greta Lee, and James Scully. Julio Torres also created, wrote, and directed Fantasmas (June 7), an HBO Original comedy series of vignettes set in an alternate version of New York City.

Here’s everything else coming to Max in June.

What’s coming to Max in June 2024

Arriving June 1

  • 50/50 (2011)

  • America's Sweethearts (2001)

  • American Heist (2014)

  • Bandits (2015)

  • Big Mommas: Like Father, Like Son (2011)

  • Cats & Dogs: The Revenge of Kitty Galore (2010)

  • The Chronicles of Narnia: The Voyage of The Dawn Treader (2010)

  • Crouching Tiger, Hidden Dragon (2000)

  • Demolition (2015)

  • The Disaster Artist (2017)

  • Evil Dead (2013)

  • Fright Night (1985)

  • Generation Por Que? (2021)

  • Hope Springs (2012)

  • House at the End of the Street (2012)

  • Into the Blue (2005)

  • Into the Blue 2: The Reef (2009)

  • The Invention of Lying (2009)

  • Jessica's Big Little World, Season 1D (Cartoon Network)

  • Krampus (2015)

  • Life After (2017)

  • Mamma Mia! (2008)

  • Marmaduke (2010)

  • Minari (2020)

  • The Mummy: Tomb of the Dragon Emperor (2008)

  • Open Water (2003)

  • Open Water 2: Adrift (2006)

  • Open Water 3: Cage Dive (2017)

  • The Other Guys (2010)

  • Overlord (1975)

  • Paul Blart: Mall Cop (2009)

  • Paul Blart: Mall Cop 2 (2015)

  • Ride Along 2 (2016)

  • Shadows (2020)

  • Shining Through (1992)

  • The Skin I Live In (2011)

  • Spaceship Earth (2020)

  • Splice (2009)

  • Sugar (2008)

  • The Time Traveler's Wife (2009)

  • Trixie Motel: Drag Me Home, Season 1

  • Uncut Gems (2019)

  • Urban Legend (1998)

  • User Zero (2020)

  • Wanted (2008)

Arriving June 2

  • Craig of the Creek, Season 6A (Cartoon Network)

  • Fixer Upper: The Lakehouse, Season 1 (Magnolia)

  • Mecum Presents: Automotive Archaeology, Season 1 (Motor Trend)

  • Ren Faire (HBO Original)

  • Total Drama Island, Season 1 (Cartoon Network)

Arriving June 3

  • Battle on the Beach, Season 4 (HGTV)

  • Deadly Influence: The Social Media Murders, Season 1 (ID)

  • Keanu (2016)

  • Mini Beat Power Rockers: Composirockers

  • Unexpected, Season 6 (TLC)

Arriving June 4

  • Deadliest Catch 20th Anniversary Special, Season 1

Arriving June 5

  • Backed by the Bros, Season 1 (HGTV)

Arriving June 6

  • Am I OK? (2022)

Arriving June 7

  • Fantasmas, Season 1 (HBO Original)

Arriving June 10

  • Bellator: Fight Week Dublin, Season 1 (Bleacher Report)

  • Paranormal Caught on Camera, Season 7 (Travel)

  • Six Schizophrenic Brothers, Season 1 (Discovery)

Arriving June 11

  • Deadliest Catch, Season 20 (Discovery)

  • Motel Rescue, Season 2 (Magnolia)

Arriving June 13

  • Hannah Einbinder: Everything Must Go (Max Original)

Arriving June 16

  • American Monster, Season 12 (ID)

  • House of The Dragon, Season 2 (HBO Original)

Arriving June 17

  • Bellator: Fight Camp Confidential Dublin, Season 2 (Bleacher Report)

Arriving June 18

  • Farmhouse Fixer: Camp Revamp, Season 1 (HGTV)

  • Here To Climb (HBO Original)

  • How It Really Happened, Season 8 (CNN)

Arriving June 19

  • Crimes Gone Viral, Season 5 (ID)

Arriving June 20

  • Slave Play. Not A Movie. A Play. (HBO Original)

Arriving June 21

  • Taylor Swift vs. Scooter Braun: Bad Blood (WT)

Arriving June 23

  • Getting Lost with Erin French, Season 1 (Magnolia)

  • Magnolia Table with Joanna Gaines, Season 8 (Magnolia)

Arriving June 24

  • Cris Miro (She/Her/Hers), Season 1 (WB)

Arriving June 25

  • One South: Portrait Of A Psych Unit (HBO Original)

  • Dolphin Tale 2 (2014)

  • High Speed Chase, Season 2 (ID)

Arriving June 27

  • Breaking New Ground (Max Original)

Arriving June 28

  • Beach Cottage Chronicles, Season 4 (Magnolia)

  • Problemista (2024) (A24)

Arriving June 30

  • The Great Food Truck Race, Season 17 (Food Network)


from LifeHacker https://ift.tt/3XZhYjV

Lazy Susans aren't just for the dinner table—they're actually secret organizational cheat codes. You can use them for so much more than arranging side dishes, spices, or condiments. When placed all around your home, in every room, they'll make it easier to grab items from the back of shelves, stack things on top of one another, and generally revolutionize your cleaning and storage habits.

Here are different styles to consider, depending on what you'll be using them for.

Using Lazy Susans in the kitchen

The most obvious (and traditional) place for one of these turntables is the kitchen. I use basic, single-level lazy Susans all over mine, to organize everything from my shelves, to my pantry, to my fridge. Mine look like this:

I especially like using these in the fridge, where they help me grab condiments and foods from the back without having to reach around (and knock over) everything stacked in front. Others, like this one from Heshecein ($29.71), actually pull out along a track, in addition to turning 360 degrees, so you can completely pull them out of cupboards or the fridge for even easier access.

You can also use an extra-large one to organize all the cleaning supplies you keep under the sink, as I'm sure you know the pain of bending over to reach deep into a cabinet for a certain kind of cleaner, only to knock over every bottle of Pine Sol and can of Lysol in the process. Try this 16" version from OXO Good Grips ($19.95).

Using Lazy Susans in the bathroom

I have a set of the plain turntables shown above for my bathroom too, and I use them to store my skincare products, and some of my makeup. (I have a lot of skincare and makeup, so I've had to work hard to organize it all.) I also use a two-tiered turntable for things like serums and moisturizers, which come in small bottles that are better stored on top of each other to save on shelf space. I like this one:

There are also some classy-looking models you can get specifically for organizing your beauty products for easy counter access, like this gold and white rotating tray ($11.69).

Using Lazy Susans in the bedroom and living room

Consider using turntables for storage in your living spaces too. Some have compartments that make them great for not only kitchen utensils or makeup brushes, but frequently-used household items like remotes and charging cables. They can be stored out in the open or in a cabinet. This one would be perfect for remotes:

Others, like the one below, look nice enough to display on a table. Try putting a cup of pens, small utensils or garnishes, knick-knacks, or anything you use often into one of these:

Once you get in the habit of stacking things on a Lazy Susan, they become pretty indispensable for staying organized. I even have one for my tea set. I never use my tea set—I don't drink tea—but you better believe it is pleasingly displayed and easily accessible, in case I ever wake up and decide to become a tea-drinking kind of person.


from LifeHacker https://ift.tt/tD0WeyU

The Department of Homeland Security strung us along on the deadline for obtaining a REAL ID—a U.S. state driver's license or identification that meets REAL ID Act security standards required for air travel—but the final deadline is now just under a year away. If you haven't already obtained yours, you must do so by May 7, 2025.

The REAL ID Act was passed in 2005 in response to a 9/11 Commission recommendation to standardize identification issuance. Initially, states were expected to comply by 2008, but after multiple extensions, travelers ages 18 and older were told to obtain this enhanced form of identification by October 1, 2020. The deadline was then pushed back to May 3, 2023 and later postponed again during COVID to 2025.

Many states have been issuing REAL IDs for several years, and you can check to see if you already have one—thanks to a renewal or upgrade in recent years—by locating a gold or black star in the corner of your state-issued driver's license or identification card.

If you don't, and you want to use your license to clear airport security or enter certain federal buildings, you should start the process now.

How (and why) to get a REAL ID now

If you don't have a REAL ID-compliant driver's license or identification card after May 7, 2025, you won't be able to get on a plane with your standard state-issued license or ID card (though TSA will still accept a handful of other documents, such as a passport or DHS trusted traveler card, for security purposes).

While May 2025 may seem like a ways away, it's worth upgrading your current ID sooner than later, as it may take time to collect the necessary documentation and get an appointment at your driver's license division, especially if you wait until the last minute.

You can use this map from the Department of Homeland Security to link directly to your state's requirements for obtaining a REAL ID. In most cases, you'll need proof of your full legal name, date of birth, social security number, two documents with your address, and lawful residency status. You will also need a new photo, so while you may be able to start the REAL ID application online, you will need to complete the process in person. And, of course, in most cases you'll pay a fee.

Note that a REAL ID is not required for other purposes, such as driving or voting.


from LifeHacker https://ift.tt/lE8tLhe

Legitimate recording software JAVS Viewer has been saddled with loader malware and has been served from the developer’s site since at least April 2, a threat researcher warned last month.

After analyzing a flagged installer detected in a customer’s environment, Rapid7 threat analysts have come to a similar conclusion, though they say that Justice AV Solutions (JAVS) – the company developing the legitimate software – is disputing their findings.

The malware hiding in the JAVS Viewer installer

According to Rapid7, the malware is a loader associated with the GateDoor/Rustdoor family of malware, which facilitates unauthorized remote access, collects data about the host computer, and downloads additional malicious payloads when instructed to.

The downloaded malicious installer – JAVS Viewer Setup 8.3.7.250-1.exe, signed by an Authenticode certificate issued to “Vanguard Tech Limited”, and downloaded from the official JAVS site on March 5th – contains and executes a binary named fffmpeg.exe.

That binary executes PowerShell scripts and downloads additional malware that steals sensitive information (e.g., credentials stored in browsers).

“Rapid7 has determined that users with JAVS Viewer v8.3.7 installed are at high risk and should take immediate action,” the analysts say.

“Completely re-imaging affected endpoints and resetting associated [account] credentials [and browser sessions] is critical to ensure attackers have not persisted through backdoors or stolen credentials. Users should install the latest version of JAVS Viewer (8.3.8 or higher) after re-imaging affected systems.”

Two compromised installers found

JAVS Viewer opens media and log files created by other pieces of the JAVS software suite, which is specialized software for audio-visual recording in courtroom environments, prison facilities, council and lecture rooms.

The analysts have found two malicious JAVS Viewer packages / compromised installers signed with the Vanguard certificate. The first one was traced back to a download from the official JAVS site, but was not present when the analysts searched for it.

“It’s unknown who removed the malicious package from the downloads page (i.e., the vendor or the threat actor),” they said.

The second one, which they found a few days later, was unlinked but hosted on the official vendor site.

Rapid7 researchers also found additional malicious payloads hosted on the threat actor’s C2 infrastructure, one of which was subsequently downloaded on their affected customer’s system.

After reporting their findings to Justice AV Solutions, the company said that though they did identify attempts to replace their Viewer 8.3.7 software with a compromised file, the file analyzed by the researchers “did not originate from JAVS or any 3rd party associated with JAVS.” Still, they are revisiting their release process “to strengthen file certification”.

“JAVS service technicians typically install the Viewer software in question. We have all members of our service team validating installations of Viewer software on any potentially affected systems, specifically checking for the presence of the malicious file in question – fffmpeg.exe with three ‘f’s.’ Note, the JAVS file ffmpeg.exe with two ‘f’s’ is a legitimate file,” they noted.

They also advised users to manually check for the malicious file and, if they find it, to re-image the PC and reset credentials used by the user(s).

“We highly encourage all users to verify that JAVS has digitally signed any JAVS software they install. Any files found signed by other parties should be considered suspect,” they added.
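
The manual checks described above (look for fffmpeg.exe with three f's, and confirm who signed any JAVS Viewer installer) can be scripted for a Windows endpoint. The PowerShell below is an added example, not code from Rapid7, JAVS or Help Net Security; the function name, default search roots and output fields are assumptions, while the file names and the “Vanguard Tech Limited” signer are the ones named in the article.

```powershell
# Added example: triage one Windows host for the indicators named in the article.
# Assumptions (not from the article): function name, default search roots, output shape.

function Find-JavsViewerIndicators {
    [CmdletBinding()]
    param(
        # Where to look. These defaults are an assumption; add the real JAVS install path.
        [string[]]$SearchRoot = @(
            $env:ProgramFiles,
            ${env:ProgramFiles(x86)},
            $env:ProgramData,
            $env:TEMP,
            (Join-Path $env:USERPROFILE 'Downloads')
        ),
        # Certificate subject the article ties to the malicious installers.
        [string]$SuspectSigner = 'Vanguard Tech Limited'
    )

    # Skip roots that are empty or do not exist on this host.
    $roots = $SearchRoot | Where-Object { $_ -and (Test-Path -LiteralPath $_) }

    foreach ($root in $roots) {
        # 1. The dropped binary: fffmpeg.exe (three f's).
        #    ffmpeg.exe (two f's) is the legitimate JAVS file and is not matched here.
        Get-ChildItem -LiteralPath $root -Recurse -File -Filter 'fffmpeg.exe' -ErrorAction SilentlyContinue |
            ForEach-Object {
                [pscustomobject]@{
                    Finding = 'fffmpeg.exe present (re-image and reset credentials)'
                    Path    = $_.FullName
                    Signer  = $null
                    Status  = $null
                    SHA256  = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
                }
            }

        # 2. Any JAVS Viewer installer left on disk: report who signed it.
        Get-ChildItem -LiteralPath $root -Recurse -File -Filter 'JAVS Viewer Setup*.exe' -ErrorAction SilentlyContinue |
            ForEach-Object {
                $sig = Get-AuthenticodeSignature -LiteralPath $_.FullName
                $subject = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '(unsigned)' }

                $finding = if ($subject -like "*$SuspectSigner*") {
                    'installer signed by the suspect certificate'
                } elseif ($sig.Status -ne 'Valid') {
                    'installer signature missing or not valid'
                } else {
                    'installer signed; confirm the signer is JAVS'
                }

                [pscustomobject]@{
                    Finding = $finding
                    Path    = $_.FullName
                    Signer  = $subject
                    Status  = $sig.Status
                    SHA256  = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
                }
            }
    }
}

# Run with the defaults and show every finding in full.
Find-JavsViewerIndicators | Format-List
```

An empty result only means nothing matched under the searched roots; per the guidance quoted above, a host that ran JAVS Viewer v8.3.7 is still treated as at risk.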


from Help Net Security https://ift.tt/RmJ5Sod