ThreatLocker | Breaking Cybersecurity News | The Hacker News

A design firm is editing a new campaign video on a MacBook Pro. The creative director opens a collaboration app that quietly requests microphone and camera permissions. MacOS is supposed to flag that, but in this case, the checks are loose. The app gets access anyway. On another Mac in the same office, file sharing is enabled through an old protocol called SMB version one. It’s fast and convenient—but outdated and vulnerable. Attackers can exploit it in minutes if the endpoint is exposed to the internet. These are the kinds of configuration oversights that happen every day, even in organizations that take security seriously. They’re not failures of hardware or antivirus software. They’re configuration gaps that open doors to attackers, and they often go unnoticed because nobody is looking for them. That’s where Defense Against Configurations (DAC) comes in. Misconfigurations are a gift to attackers: default settings left open, remote access that should be off (like outdated netwo...

The  ThreatLocker® Zero Trust Endpoint Protection Platform  implements a strict deny-by-default, allow-by-exception security posture to give organizations the ability to set policy-based controls within their environment and mitigate countless cyber threats, including zero-days, unseen network footholds, and malware attacks as a direct result of user error. With the capabilities of the ThreatLocker® Zero Trust Endpoint Protection Platform implemented into their cybersecurity strategy, organizations in any industry around the world can check off the requirements of most compliance frameworks and sleep better at night knowing they are protected from the most devastating of cyberattacks, such as ransomware. ThreatLocker has shared a  free downloadable asset  to equip IT professionals with cybersecurity compliance best practices. This article aims to elaborate on, and provide a basic over of, the asset. Complexities Across Compliance Frameworks Cybersecurity complia...

New research has unearthed multiple novel attacks that break Bluetooth Classic's forward secrecy and future secrecy guarantees, resulting in adversary-in-the-middle (AitM) scenarios between two already connected peers. The issues, collectively named  BLUFFS , impact Bluetooth Core Specification 4.2 through 5.4. They are tracked under the identifier  CVE-2023-24023  (CVSS score: 6.8) and were responsibly disclosed in October 2022. The attacks "enable device impersonation and machine-in-the-middle across sessions by only compromising one session key," EURECOM researcher Daniele Antonioli said in a study published late last month. This is made possible by leveraging two new flaws in the Bluetooth standard's session key derivation mechanism that allow the derivation of the same key across sessions. While forward secrecy in key-agreement cryptographic protocols ensures that past communications are not revealed, even if the private keys to a particular exchange are re...