Closing the cybersecurity skills gap with upskilling programs

From helpnetsecurity.com

The list of skills technologists and organizations need to succeed grows with each new tech advancement, according to Pluralsight. But for many organizations, budgets and staff continue to shrink.

This survey asked 1,400 executives and IT professionals how organizations can leverage technology to drive business value in a world where budgets and headcount are decreasing and technology is evolving at a rapid pace.

Read more…

Discord dismantles Spy.pet site that snooped on millions of users

From theregister.com

INFOSEC IN BRIEF They say sunlight is the best disinfectant, and that appears to have been true in the case of Discord data harvesting site Spy.pet – as it was recently and swiftly dismantled after its existence and purpose became known.

The site, which has been slurping up public data on Discord users since November of last year, was outed to the world last week after it was discovered the platform contained messages belonging to nearly 620 million users from more than 14,000 Discord servers.

Any and all of the data was available for a price – Spy.pet offered to help law enforcement, people spying on their friends, or even those training AI models.

When Spy.pet was discovered, Discord told us that it was working to take action against anyone that’s violated its terms of service, but that it couldn’t share more.

Things are a bit clearer now.

Read more…

No more 12345: devices with weak passwords to be banned in UK

From theguardian.com

Tech that comes with weak passwords such as “admin” or “12345” will be banned in the UK under new laws dictating that all smart devices must meet minimum security standards.

Measures to protect consumers from hacking and cyber-attacks come into effect on Monday, the Department for Science, Innovation and Technology said.

It means manufacturers of phones, TVs and smart doorbells, among others, are now legally required to protect internet-connected devices against access by cybercriminals, with users prompted to change any common passwords.

Brands have to publish contact details so that bugs and issues can be reported, and must be transparent about timings of security updates.

It is hoped the new measures will help give customers confidence in buying and using products at a time when consumers and businesses have come under attack from hackers at a soaring rate.

Read more…

Find Malware by File Contents with YARA Search: Our New Threat Intelligence Service

From any.run

Today, we’re excited to announce a new service in ANY.RUN — YARA Search

YARA Search offers a way to identify threats that differs from our TI Lookup. While TI Lookup allows you to search for related threat data using individual indicators like IP addresses or event fields, YARA Search analyzes the contents of files themselves. 

This is a completely new way to search ANY.RUN‘s threat intelligence database, and a new addition to our range of threat intelligence tools — in true ANY.RUN fashion, giving you quick access to information from real-world data.  

Read more…

Alert! Cisco Releases Critical Security Updates To Fix 2 ASA Firewall 0-Days

From gbhackers.com

Cisco has released critical security updates to address multiple vulnerabilities in its Adaptive Security Appliance (ASA) devices and Firepower Threat Defense (FTD) software, collectively known as the “ArcaneDoor” vulnerabilities.

If exploited, these vulnerabilities could allow a cyber threat actor to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities to its Known Exploited Vulnerabilities Catalog, indicating active exploitation in the wild.

Recently, GBHackers on Security reported that a sophisticated cyber espionage campaign dubbed “ArcaneDoor” conducted by a state-sponsored threat actor tracked as UAT4356 to exploit these 2 zero-day vulnerabilities (CVE-2024-20353 and CVE-2024-20359) in Cisco’s Adaptive Security Appliance (ASA) firewalls.

Read more…

Security Leaders Braced for Daily AI-Driven Attacks by Year-End

From infosecurity-magazine.com

Most businesses are concerned about AI-enabled cyber-threats, with 93% of security leaders expecting to face daily AI-driven attacks by the end of 2024, according to a new report by Netacea.

Around two-thirds (65%) expect that offensive AI will be the norm for cybercriminals, used in most cyber-attacks.

The threat vector that respondents to the Netacea survey believe is most likely to be powered by AI is ransomware, cited by 48% of CISOs.

This was followed by phishing (38%), malware (34%), bot attacks (16%) and data exfiltration (13%).

These views closely align with the threat vectors security leaders see as the greatest cyber threat facing their business in the next six months: ransomware (36%), phishing (22%), malware (21%), bot attacks (11%) and data exfiltration (9%).

Netacea believes this shows businesses underestimate the impact bot attacks have, citing its 2023 survey in which enterprises reported that bots cost on average 4.3% of their online revenue.

The firm said this equates to 50 ransomware payouts for the largest businesses.

Read more…