thehackernews.comThe Hacker News | #1 Trusted Cybersecurity News Site

#1 Trusted Cybersecurity News Platform Followed by 4.50+ million       Subscribe – Get Latest News  Home  Newsletter  Webinars Home Data Breaches Cyber Attacks Vulnerabilities Webinars Store Contact    Resources Webinars THN Store Free eBooks About Site About THN Jobs Advertise with us Contact/Tip Us  Reach out to get featured—contact us to send your exclusive story idea, research, hacks, or ask us a question or leave a comment/feedback! Follow Us On Social Media       RSS Feeds  Email Alerts  Telegram Channel Apple and Google Launch Cross-Platform Feature to Detect Unwanted Bluetooth Tracking Devices  May 14, 2024 Location Tracking / Privacy Apple and Google on Monday officially announced the rollout of a new feature that notifies users across both iOS and Android if a Bluetooth tracking device is being used to stealthily keep tabs on them without their knowledge or consent. "This will help mitigate the misuse of devices designed to help keep track of belongings," the companies said in a joint statement, adding it aims to address "potential risks to user privacy and safety." The proposal for a cross-platform solution was originally unveiled exactly a year ago by the two tech giants. The capability – dubbed " Detecting Unwanted Location Trackers " (DULT) – is available in Android devices running versions 6.0 and later, and iOS devices with iOS 17.5, which was officially shipped yesterday. As part of the industry specification, Android users will receive a "Tracker traveling with you" alert if an unidentified Bluetooth tracking device is detected as moving along with them over MITRE Unveils EMB3D: A Threat-Modeling Framework for Embedded Devices  May 13, 2024 The MITRE Corporation has officially made available a new threat-modeling framework called EMB3D for makers of embedded devices used in critical infrastructure environments. "The model provides a cultivated knowledge base of cyber threats to embedded devices, providing a common understanding of these threats with the security mechanisms required to mitigate them," the non-profit said in a post announcing the move. A draft version of the model, which has been conceived in collaboration with Niyo ’Little Thunder’ Pearson, Red Balloon Security, and Narf Industries, was previously released on December 13, 2023. EMB3D, like the ATT&CK framework , is expected to be a "living framework," with new and mitigations added and updated over time as new actors, vulnerabilities, and attack vectors emerge, but with a specific focus on embedded devices. The ultimate goal is to provide device vendors with a unified picture of different vulnerabilities in t The 2024 Browser Security Report Uncovers How Every Web Session Could be a Security Minefield  May 13, 2024 Browser Security / Data Protection With the browser becoming the most prevalent workspace in the enterprise, it is also turning into a popular attack vector for cyber attackers. From account takeovers to malicious extensions to phishing attacks, the browser is a means for stealing sensitive data and accessing organizational systems. Security leaders who are planning their security architecture require data and insights into the browser threat landscape. Recently, LayerX released the " Annual Browser Security Report 2024 ", providing an in-depth analysis of the evolving threat landscape for browser security. This comprehensive report highlights the critical vulnerabilities and attack vectors that pose the greatest risks to enterprise security. It allows decision-makers and stakeholders to benchmark the security challenges of their environment so they can make actionable decisions. Below, we detail key findings from the report and a summarized list of security recommendations. We urge you to read the entire report , Guide: Secure Your Privileged Access with Our Expert-Approved Template Delinea IT Security / Access Control Security Transform your Privileged Access Management with our Policy Template—over 40 expertly crafted statements to elevate compliance and streamline your security. SHQ Response Platform and Risk Centre to Enable Management and Analysts Alike  May 13, 2024 Threat Detection / SoC / SIEM In the last decade, there has been a growing disconnect between front-line analysts and senior management in IT and Cybersecurity. Well-documented challenges facing modern analysts revolve around a high volume of alerts, false positives, poor visibility of technical environments, and analysts spending too much time on manual tasks. The Impact of Alert Fatigue and False Positives Analysts are overwhelmed with alerts. The knock-on effect of this is that fatigued analysts are at risk of missing key details in incidents, and often conduct time-consuming triaging tasks manually only to end up copying and pasting a generic closing comment into a false positive alert. It is likely that there will always be false positives. And many would argue that a false positive is better than a false negative. But for proactive actions to be made, we must move closer to the heart of an incident. That requires diving into how analysts conduct the triage and investigation process. SHQ Response Platfo Severe Vulnerabilities in Cinterion Cellular Modems Pose Risks to Various Industries  May 13, 2024 Vulnerability / IoT Security Cybersecurity researchers have disclosed multiple security flaws in Cinterion cellular modems that could be potentially exploited by threat actors to access sensitive information and achieve code execution. "These vulnerabilities include critical flaws that permit remote code execution and unauthorized privilege escalation, posing substantial risks to integral communication networks and IoT devices foundational to industrial, healthcare, automotive, financial and telecommunications sectors," Kaspersky said . Cinterion modems were originally developed by Gemalto before the business was acquired by Telit from Thales as part of a deal announced in July 2022. The findings were presented at the OffensiveCon held in Berlin on May 11. The list of eight flaws is as follows - CVE-2023-47610 (CVSS score: 8.1) - A buffer overflow vulnerability that could allow a remote unauthenticated attacker to execute arbitrary code on the targeted system by sending a specially crafted S Black Basta Ransomware Strikes 500+ Entities Across North America, Europe, and Australia  May 13, 2024 Ransomware / Endpoint Security The Black Basta ransomware-as-a-service (RaaS) operation has targeted more than 500 private industry and critical infrastructure entities in North America, Europe, and Australia since its emergence in April 2022. In a joint advisory published by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the Department of Health and Human Services (HHS), and the Multi-State Information Sharing and Analysis Center (MS-ISAC), the agencies said the threat actors encrypted and stole data from at least 12 out of 16 critical infrastructure sectors. "Black Basta affiliates use common initial access techniques — such as phishing and exploiting known vulnerabilities — and then employ a double-extortion model, both encrypting systems and exfiltrating data," the bulletin read . Unlike other ransomware groups, the ransom notes dropped at the end of the attack do not contain an initial ransom demand or payment instructions. Rather, the note Malicious Python Package Hides Sliver C2 Framework in Fake Requests Library Logo  May 13, 2024 Software Security / Malware Cybersecurity researchers have identified a malicious Python package that purports to be an offshoot of the popular requests library and has been found concealing a Golang-version of the Sliver command-and-control (C2) framework within a PNG image of the project’s logo. The package employing this steganographic trickery is requests-darwin-lite , which has been downloaded 417 times prior to it being taken down from the Python Package Index (PyPI)...