Trending Articles

DNI’s Annual Threat Assessment

Schneier on Security

The office of the Director of National Intelligence released its “Annual Threat Assessment of the U.S. Intelligence Community.” Cybersecurity is covered on pages 20-21. Nothing surprising: Cyber threats from nation states and their surrogates will remain acute.

Data Breaches, Class Actions and Ambulance Chasing

Troy Hunt

This post has been brewing for a while, but the catalyst finally came after someone (I'll refer to him as Jimmy) recently emailed me regarding the LOQBOX data breach from 2020.

Welcoming the Ukrainian Government to Have I Been Pwned

Troy Hunt

Another month, another national government to bring onto Have I Been Pwned. This time it's the Ukrainian National Cybersecurity Coordination Center who now has access to monitor all their government domains via API domain search, free of charge.

Backdoor Added — But Found — in PHP

Schneier on Security

Unknown hackers attempted to add a backdoor to the PHP source code. It was two malicious commits, with the subject “fix typo” and the names of known PHP developers and maintainers. They were discovered and removed before being pushed out to any users.

ParkMobile Breach Exposes License Plate Data, Mobile Numbers of 21M Users

Krebs on Security

Someone is selling account information for 21 million customers of ParkMobile, a mobile parking app that’s popular in North America. The stolen data includes customer email addresses, dates of birth, phone numbers, license plate numbers, hashed passwords and mailing addresses.

Adam Levin Discusses Facebook Data Leak on NPR

Adam Levin

Adam Levin spoke with NPR about the recent data archive of over 500 million Facebook accounts found on a hacking forum. “It’s serious when phone numbers are out there. The danger when you have phone numbers in particular is a universal identifier,” said Levin. Read the article here.

More Trending

The FBI Is Now Securing Networks Without Their Owners’ Permission

Schneier on Security

In January, we learned about a Chinese espionage campaign that exploited four zero-days in Microsoft Exchange.

Microsoft Patch Tuesday, April 2021 Edition

Krebs on Security

Microsoft today released updates to plug at least 110 security holes in its Windows operating systems and other products.

Dear Microsoft: Please fix MAU

Adam Shostack

This is the second month running that MSAU2 on my Mac has gone haywire. Please fix it.

How I pwned an ex-CISO and the Smashing Security Podcast

Javvad Malik

Disclaimer, this was a bit of fun with consent. But there are some worthwhile things to bear in mind. If you’re predictable, then criminals can take advantage of that.

Weekly Update 238

Troy Hunt

"What a s**t week". I stand by that statement in the opening couple of minutes of the video and I write this now at midday on Saturday after literally falling asleep on the couch. The Facebook incident just dominated; everything from processing data to writing code to dozens of media interviews.

Google’s Project Zero Finds a Nation-State Zero-Day Operation

Schneier on Security

Google’s Project Zero discovered, and caused to be patched, eleven zero-day exploits against Chrome, Safari, Microsoft Windows, and iOS.

GUEST ESSAY: ‘Identity Management Day’ highlights the importance of securing digital IDs

The Last Watchdog

The second Tuesday of April has been christened “Identity Management Day” by the Identity Defined Security Alliance, a trade group that provides free, vendor-neutral cybersecurity resources to businesses. Today, indeed, is as good a time as any to raise awareness about cyber exposures that can result from casually or improperly managing and securing digital identities.

Today, You Really Want a SaaS SIEM!

Anton on Security

One thing I did not expect to see in 2021 is a lot of people complaining about how difficult their SIEM is to operate. Let’s explore this topic for the (n+1)-th time. And let me tell you … that “n” is pretty damn large since my first involvement with SIEM in January 2002 (!)

Thursday Threat Model: Github’s Approach

Adam Shostack

A bunch of people recently asked me about Robert Reichel’s post “How We Threat Model,” and I wanted to use it to pick up on Threat Model Thursdays, where I talk about process and practices. My goal is always to build, and sometimes that involves criticism.

5 Objectives for Establishing an API-First Security Strategy

Dark Reading

With APIs predicted to be the most common attack vector by 2022, an API-first security strategy is critical now more than ever

How data poisoning attacks corrupt machine learning models

CSO Magazine

Machine learning adoption exploded over the past decade, driven in part by the rise of cloud computing, which has made high performance computing and storage more accessible to all businesses.

Joker malware infected 538,000 Huawei Android devices

Security Affairs

More than 500,000 Huawei users have been infected with the Joker malware after downloading apps from the company’s official Android store. More than 500,000 Huawei users were infected with the Joker malware after they have downloaded tainted apps from the company’s official Android store.

Majority of Mobile App Vulnerabilities From Open Source Code

Security Boulevard

COVID-19 has impacted everything over the past year, and mobile app security is no exception. The Synopsys Cybersecurity Research Center (CyRC) took an in-depth look at application security, and discovered just how vulnerable apps that use open source code really are.

100+ critical IT policies every company needs, ready for download

Tech Republic Security

From remote work and social media to ergonomics and encryption, TechRepublic has dozens of ready-made, downloadable IT policy templates

More Biden Cybersecurity Nominations

Schneier on Security

News: President Biden announced key cybersecurity leadership nominations Monday, proposing Jen Easterly as the next head of the Cybersecurity and Infrastructure Security Agency and John “Chris” Inglis as the first ever national cyber director (NCD).

Microsoft Warns of Malware Delivery via Google URLs

Dark Reading

A new campaign abuses legitimate website contact forms to send URLs that ultimately deliver the IcedID banking Trojan

Personal data of 1.3 million Clubhouse users leaked online

Security Affairs

An SQL database containing the personal data of 1.3 million Clubhouse users was leaked online for free, a few days after LinkedIn and Facebook suffered similar leaks. Researchers from Cyber News have discovered that the personal data of 1.3

The Updates Must Go Through

Adam Shostack

On Monday, the Department of Justice announced that it had cleaned malware (“webshells”) off of hundreds of infected mail systems running Microsoft Exchange. Microsoft has been trying to get folks to apply critical security patches to address a problem that’s being actively exploited. A few minutes ago, I posted a screencapture of Microsoft’s autoupdater going haywire on my Mac. The two stories are intimately related to people not wanting to roll patches.

How to raise the cybersecurity poverty line and make companies more secure

Tech Republic Security

The cybersecurity poverty line is a term that can help companies understand security gaps and build better awareness. Learn more about it and how it applies to your organization

Upcoming Speaking Engagements

Schneier on Security

This is a current list of where and when I am scheduled to speak: I’m keynoting the (all-virtual) RSA Conference 2021, May 17-20, 2021. I’m keynoting the 5th International Symposium on Cyber Security Cryptology and Machine Learning (via Zoom), July 8-9, 2021.

Microsoft Uses Machine Learning to Predict Attackers' Next Steps

Dark Reading

Researchers build a model to attribute attacks to specific groups based on tactics, techniques and procedures, and then figure out their next move

RCE Exploit Released for Unpatched Chrome, Opera, and Brave Browsers

The Hacker News

An Indian security researcher has publicly published a proof-of-concept (PoC) exploit code for a newly discovered flaw impacting Google Chrome and other Chromium-based browsers like Microsoft Edge, Opera, and Brave.

This man was planning to kill 70% of Internet in a bomb attack against AWS

Security Affairs

The FBI arrested a man for allegedly planning a bomb attack against Amazon Web Services (AWS) to kill about 70% of the internet.

Zero trust: The good, the bad and the ugly

Tech Republic Security

Zero trust is a good cybersecurity platform, but experts suggest care to get it right and not disenfranchise users

Nation-State Cyberthreats Persist

Security Boulevard

We are often told how particular threats were the responsibility of a certain nation-state, and that there was a difference between those nations and cybercriminals.

What is IAM? Identity and access management explained

CSO Magazine

IAM Definition. Identity and access management (IAM) in enterprise IT is about defining and managing the roles and access privileges of individual network entities (users and devices) to a variety of cloud and on-premises applications.

Can Training Work Remotely?

Adam Shostack

I get this question a lot: Can distributed/remote training work as well as in person? Especially for threat modeling, where there’s a strong expectation that training involves whiteboards. (I remember one course in particular, about 15 minutes in, the buyer said: “Let’s get to the whiteboards already!”). And there’s no doubt: people learn by doing.

Microsoft is open sourcing CyberBattleSim Enterprise Environment Simulator

Security Affairs

Microsoft released as open-source the ‘CyberBattleSim’ Python-based toolkit, which is an Enterprise Environment Simulator. Microsoft has recently announced the open-source availability of the Python-based enterprise environment simulator named ‘CyberBattleSim.’