digital certificates | Breaking Cybersecurity News | The Hacker News

Google has announced that it's going to start blocking websites that use certificates from Entrust starting around November 1, 2024, in its Chrome browser, citing compliance failures and the certificate authority's inability to address security issues in a timely manner. "Over the past several years, publicly disclosed incident reports highlighted a pattern of concerning behaviors by Entrust that fall short of the above expectations, and has eroded confidence in their competence, reliability, and integrity as a publicly-trusted [ certificate authority ] owner," Google's Chrome security team said . To that end, the tech giant said it intends to no longer trust TLS server authentication certificates from Entrust starting with Chrome browser versions 127 and higher by default. However, it said that these settings can be overridden by Chrome users and enterprise customers should they wish to do so. Google further noted that certificate authorities play a privil...

Google says tens of thousands of Gmail accounts belonging to Iranian users have been targeted in an politically motivated hacking campaign in the weeks leading up to the country's closely watched presidential elections. For the last three weeks, the search giant said it has " detected and disrupted multiple email-based phishing campaigns aimed at compromising the accounts owned by tens of thousands of Iranian users. " " These campaigns, which originate from within Iran, represent a significant jump in the overall volume of phishing activity in the region, " Eric Grosse, Google's Vice President for Security Engineering. Phishing attacks are emails which appear official but instead lead users to websites where they are encouraged to reveal data including usernames, passwords, and credit card details. Google said it has a policy to alert users to " state-sponsored attacks and other suspicious activity ," but did not identify the perpetrators be...

Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...

A recently discovered piece of malware called KRBanker (Korea + Banker = KRBanker) , targeting mostly online end-users at Korean financial institutions. According to nProtect , now an invasive banking Trojan, the new and improved  KRBanker  can block anti-virus software, security websites and even other malware in its quest to steal user information and share it with hackers. Then the malware pings back to the command and control (C&C) server with infection status and then the malware proceeds to download encrypted files on the victim's PC. In the latest variant of the KRBanker malware, scans the PC for lists of DLLs that are related to Korean financial institutions, security software and patches any opcode instructions.  Malware instructed to insert the malicious code that will search and collect any information related to password, account details, and transaction history. Once logged, the compiled information is then sent to a remote server....