2017 and Architecture - Cyber Security Informer

GhostRace – New Data Leak Vulnerability Affects Modern CPUs

The Hacker News

MARCH 15, 2024

A group of researchers has discovered a new data leakage attack impacting modern CPU architectures supporting speculative execution. Dubbed GhostRace (CVE-2024-2193), it is a variation of the transient execution CPU vulnerability known as Spectre v1 (CVE-2017-5753). The approach combines speculative execution and race conditions.

Architecture

WordCamp Seattle 2017 – The Emerald City Event

SiteLock

AUGUST 27, 2021

Kostas Nicolacopoulos (@KostasNi) November 4, 2017. It was also clear that her focus on IA (Information Architecture) and UX (User Experience) isn’t just a skill, but also a passion. Because your ultimate goal should be to connect with your audience via your content, not just rank high in search results. You Created a Plugin.

Architecture

Architecture Marketing Malware Software

Crosspost: A Simple SOAR Adoption Maturity Model

Anton on Security

JUNE 17, 2022

For example, in my analyst days, I built a maturity model for a SOC (2018) , a SIEM deployment (2018) and vulnerability management (2017). Thanks to Google SOAR Solution Architecture Manager Oleg Siminel , and others from the Siemplify field team, for their support here. Guess which one is missing? The one for SOAR!

Architecture

Architecture Technology Phishing

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Equifax Breach Underscores Need for Accountability, Simpler Architectures

Dark Reading

DECEMBER 11, 2018

A new congressional report says the credit reporting firm's September 2017 breach was 'entirely preventable.'

Architecture

Architecture Accountability

New NKAbuse malware abuses NKN decentralized P2P network protocol

Security Affairs

DECEMBER 15, 2023

The malicious code can target various architectures, it supports both flooder and backdoor capabilities. The primary target of NKAbuse is Linux desktops, however, it can target MISP and ARM architecture. NKN (New Kind of Network) is a decentralized peer-to-peer network protocol that relies on blockchain technology. .

Malware

Malware Architecture Technology DDOS

Microsoft Warns of Email Attacks Executing Code Using an Old Bug

Threatpost

JUNE 10, 2019

The flaw affected all versions of Microsoft Office, Microsoft Windows and architecture types dating back to 2000, and was patched in November 2017.

Architecture

BrandPost: Top 5 Regulatory Reasons for Implementing Zero Trust

CSO Magazine

OCTOBER 27, 2022

It is a floor for any technology vendor who wants to provide high-value solutions to government or commercial customers. Before getting into the details, let’s first settle on what we mean by Zero Trust.

Architecture

Architecture Marketing Technology Government

Samsung shipped 100 million Galaxy smart phones filled with critical security vulnerabilities

CyberSecurity Insiders

FEBRUARY 28, 2022

As per a study conducted by Tel Aviv University, a wide range of Samsung Smart Phones across multiple generations are being released into the market with a major security flaw and the concern is that vulnerability has been existing since 2017- the year when the Galaxy S8 made its first debut.

Mobile

Mobile Architecture Marketing Encryption

NIST’s Post-Quantum Cryptography Standards

Schneier on Security

AUGUST 8, 2022

In 2017, NIST received eighty-two post-quantum algorithm submissions from all over the world. It took a couple of decades to fully understand von Neumann computer architecture; expect the same learning curve with quantum computing. Then, with input from the cryptographic community, NIST crowns a winner.

Encryption

Encryption Architecture Engineering Information Security

Evaluating the NSA's Telephony Metadata Program

Schneier on Security

AUGUST 12, 2019

The first concern was over high numbers: in both 2016 and 2017, the Foreign Intelligence Surveillance Court issued 40 orders for collection, but the NSA collected hundreds of millions of CDRs, and the agency provided little clarification for the high numbers. For a time, the new program seemed to be functioning well.

Surveillance

Surveillance Architecture Encryption Technology

Top Cybersecurity Trends for 2017

Spinone

NOVEMBER 15, 2016

Information Technology research and advisory company, Gartner, presented its top predictions for the cybersecurity industry for 2017 earlier this year. Adoption of Adaptive Security Architecture It’s no longer sufficient to install a firewall and the latest antivirus software and hope for the best.

Cybersecurity

Cybersecurity Software Internet Internet

My Philosophy and Recommendations Around the LastPass Breaches

Daniel Miessler

DECEMBER 24, 2022

These encrypted fields remain secured with 256-bit AES encryption and can only be decrypted with a unique encryption key derived from each user’s master password using our Zero Knowledge architecture. That’s the natural place for core functionality, which I wrote about in 2017. Actually, some data was lost.

Password Management

Password Management Passwords Encryption Architecture

CISA warns of phishing attacks delivering KONNI RAT

Security Affairs

AUGUST 17, 2020

The KONNI RAT was first discovered in May 2017 by researchers from the Cisco Talos team after it was employed in attacks aimed at organizations linked to North Korea. The KONNI malware also employed in at least two campaigns in 2017. Upon enabling the macros, the code will fetch and install the KONNI malware.

Phishing

Phishing Malware Advertising Architecture

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs

DECEMBER 22, 2022

includes several new flaws, including: Vulnerability Affected software CVE-2017-17105 Zivif PR115-204-P-RS CVE-2019-10655 Grandstream CVE-2020-25223 WebAdmin of Sophos SG UTM CVE-2021-42013 Apache CVE-2022-31137 Roxy-WI CVE-2022-33891 Apache Spark ZSL-2022-5717 MiniDVBLinux. “Since the release of Zerobot 1.1,

IoT

IoT DDOS Malware Firmware

CFPB’s Proposed Data Rules

Schneier on Security

JANUARY 31, 2024

Despite being responsible for one of the biggest data breaches of all time in 2017, the credit bureau Equifax is still around—illustrating that the oligopolistic nature of this market means that companies face few consequences for misbehavior. Equifax, Transunion and Experian make up a longstanding oligopoly for credit reporting.

Banking

Banking Financial Services Marketing Data privacy

StripedFly: Perennially flying under the radar

SecureList

OCTOBER 25, 2023

Subsequent analysis revealed earlier instances of suspicious code dating back to 2017. Importantly, our investigation, which considered binary timestamps, indicated that this exploit was created prior to April 2017. It is worth noting that the EternalBlue exploit was publicly disclosed by the Shadow Brokers group on April 14, 2017.

Malware

Malware DNS Encryption Cryptocurrency

Go-based Chaos malware is rapidly growing targeting Windows, Linux and more

Security Affairs

SEPTEMBER 29, 2022

Researchers from Black Lotus Labs at Lumen Technologies, recently uncovered a multifunctional Go-based malware that was developed to target devices based on multiple architectures, including Windows and Linux. A new multifunctional Go-based malware dubbed Chaos is targeting both Windows and Linux systems, experts warn.

Malware

Malware DDOS Architecture Financial Services

News alert: DigitalAPICraft and Google partner to simplify development, integration of new apps

The Last Watchdog

SEPTEMBER 27, 2023

He joins the company with nearly two decades banking experience, the last 12 of which while working for HSBC, where he led the API Strategy and Governance as well as Modern Architectures for the group. DigitalAPICraft was founded in 2017 by Bharath Kumar.

Government

Government Engineering Architecture Software

On the Security of Walls

Schneier on Security

FEBRUARY 19, 2018

The very first priority action listed in the 2017 National Security Strategy states: "We will secure our borders through the construction of a border wall, the use of multilayered defenses and advanced technology, the employment of additional personnel, and other measures." That should trouble us more than it does.

Architecture

Architecture Technology

Enemybot, a new DDoS botnet appears in the threat landscape

Security Affairs

APRIL 17, 2022

The botnet targets multiple architectures, including arm, bsd, x64, and x86. Then the script downloads the actual Enemybot binary which is compiled for the target device’s architecture. The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion.

DDOS

DDOS Architecture Malware Cybercrime

SiteLock Reviews: Events We Love in 2018

SiteLock

AUGUST 27, 2021

1-3, 2017 in Nashville, TN. Even though WordCamp US was in 2017, we had to feature this beauty as it is one of the largest global WordCamp events of the year. But the biggest uncovering at the 2017 conference was the Gutenberg Editor Project —the biggest change in WordPress since 2003. Check out our WordCamp US 2017 recap here.

Education

Education Architecture Marketing Mobile

Android devices shipped with backdoored firmware as part of the BADBOX network

Security Affairs

OCTOBER 8, 2023

The most interesting characteristic of the Triada Trojan apart is its modular architecture, which gives it theoretically a wide range of abilities. Triada was designed with the specific intent to implement financial frauds, typically hijacking the financial SMS transactions.

Firmware

Firmware Mobile Malware Retail

Experts spotted a new Mirai variant that targets new processors

Security Affairs

APRIL 10, 2019

Palo Alto Networks researchers discovered a new variant of the Mirai malware that is targeting more processor architectures than previous ones. Mirai botnet continues to be one of the most dangerous malware in the threat landscape, experts at Palo Alto Networks discovered a new variant that targets more processor architectures than before.

Architecture

Architecture DDOS IoT Internet

EnemyBot malware adds new exploits to target CMS servers and Android devices

Security Affairs

MAY 30, 2022

The botnet targets multiple architectures, including arm, bsd, x64, and x86. The botnet was first discovered by Fortinet in March, the DDoS botnet targeted several routers and web servers by exploiting known vulnerabilities. The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion.

Malware

Malware DDOS IoT Cybercrime

DePriMon downloader uses a never seen installation technique

Security Affairs

NOVEMBER 21, 2019

According to a report published by Symantec in 2017, Longhorn is a North American hacking group that has been active since at least 2011. In 2017, Symantec speculated that at least 40 targets in 16 countries have been compromised by the threat actors. The targets were all located in the Middle East, Europe, Asia, and Africa.

Malware

Malware Telecommunications Advertising Encryption

CloudMensis spyware went undetected for many years

Security Affairs

JULY 19, 2022

CloudMensis was developed in Objective-C, the samples analyzed by ESET are compiled for both Intel and Apple architectures. The exploit chain uses four flaws that were disclosed in 2017, a circumstance that suggests that CloudMensis may has been active since at least 2017 evading the detection.

Spyware

Spyware Malware Authentication Architecture

Kinsing threat actors probed the Looney Tunables flaws in recent attacks

Security Affairs

NOVEMBER 4, 2023

Kinsing actors often exploited the PHPUnit vulnerability ( CVE-2017-9841 ) and it engaged in fully automated attacks as part of mining cryptocurrency. .” The discovery demonstrates that Kinsing actors are rapidly adding new exploits to their arsenal, expanding the potential targets. The script is accessible for review here.

Architecture

Architecture Cryptocurrency Hacking Cybercrime

Unveiling NKAbuse: a new multiplatform threat abusing the NKN protocol

SecureList

DECEMBER 14, 2023

Written in Go, it is flexible enough to generate binaries compatible with various architectures. A not-so-new attack vector Evidence collected and analyzed by GERT suggests that this attack exploited an old vulnerability related to Struts2 (CVE-2017-5638 – Apache Struts2), targeting a financial company. (#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#cont

Malware

Malware Architecture DNS DDOS

US and UK link new Cyclops Blink malware to Russian state hackers?

Security Affairs

FEBRUARY 23, 2022

The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017, causing billions worth of damage. “The actor has so far primarily deployed Cyclops Blink to WatchGuard devices, but it is likely that Sandworm would be capable of compiling the malware for other architectures and firmware.”

Malware

Malware Firmware Architecture Firewall

Microsoft enabled Retpoline mitigations against the Spectre Variant 2 for Windows 10

Security Affairs

MARCH 4, 2019

The Meltdown attack (CVE-2017-5754) could allow attackers to read the entire physical memory of the target machines stealing credentials, personal information, and more. The Spectre attack (CVE-2017-5753 and CVE-2017-5715) allows user-mode applications to extract information from other processes running on the same system.

Advertising

Advertising Architecture Software Hacking

NASA Audit: Cyber Risk Skyrockets with 'Work from Home'

SecureWorld News

MAY 27, 2021

Significantly, improper use incidents—which result from a violation of an organization's acceptable use policies, such as installing unapproved software or viewing inappropriate material—increased the most, from 249 in 2017 to 1,103 in 2020, a 343 percent growth. Further, improper use continued to be the top attack vector type in 2020.".

Cyber Risk

Cyber Risk Risk Architecture Cyber threats

6 Takeaways From the Changes in OWASP’s Top 10 Vulnerability Ranking

CyberSecurity Insiders

OCTOBER 10, 2021

The last update to the OWASP Top 10 Vulnerability Ranking was in late 2017. A comparison of the 2017 and 2021 Top 10 sequential listing is also provided. This is actually the new name for A03-2017 Sensitive Data Exposure. Much has changed in the cyber threat landscape since then. Cryptographic failures moving a notch up.

Cyber threats

Cyber threats Cyber Attacks Software Risk

Iran-linked APT is exploiting the Zerologon flaw in attacks

Security Affairs

OCTOBER 6, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. The first MuddyWater campaign was observed in late 2017 when targeted entities in the Middle East.

Authentication

Authentication Advertising Architecture Security Intelligence

LookingGlass Cyber Solutions: Threat Intelligence Review

eSecurity Planet

FEBRUARY 10, 2023

The LookingGlass scoutPrime threat intelligence platform (TIP) integrates enterprise-grade external security threat information with information on internal architecture and security information to create actionable, prioritized risk scores for threats. Pricing No specific pricing details are available through the LookingGlass website.

Energy and Utilities

Energy and Utilities Risk Internet Internet

Post-Quantum Cryptography: Lessons Learned from SHA-1 Deprecation

Security Boulevard

JULY 21, 2022

Despite all the emphasis around the shift from SHA-1 to SHA-2, 35% of websites were still utilizing SHA-1 certificates as of November 2016, according to research from Venafi in 2017. Prepare a quantum-safe architecture now. There will be a fresh batch of algorithms to support preparation for Post Quantum Cryptography (PQC).

Encryption

Encryption Authentication Architecture Backups

SPOTLIGHT: Women in Cybersecurity

McAfee

NOVEMBER 3, 2020

Forrester also predicts that the number of women CISOs at Fortune 500 companies will rise to 20 percent in 2019 , compared with 13 percent in 2017. Director, Industry Solutions Americas Solutions Architecture & Customer Success. Elizabeth Moon. Amazon Web Services. Source: [link].

Cybersecurity

Cybersecurity Architecture Cloud Migration Retail

Spotlight Podcast: Fixing Supply Chain Hacks with Strong Device Identities

The Security Ledger

APRIL 11, 2019

In this Spotlight Podcast, sponsored by Trusted Computing Group, I speak with Dennis Mattoon, a Principal Researcher at Microsoft Research and the Chairman of the Trusted Computing Group's DICE Architectures Working Group* about how strong device identities for IoT endpoints can stop. Read the whole entry. »

Hacking

Hacking Architecture IoT Software

Crosspost: A Simple SOAR Adoption Maturity Model

Security Boulevard

JUNE 17, 2022

For example, in my analyst days, I built a maturity model for a SOC (2018) , a SIEM deployment (2018) and vulnerability management (2017). Thanks to Google SOAR Solution Architecture Manager Oleg Siminel , and others from the Siemplify field team, for their support here. Guess which one is missing? The one for SOAR! original version ).

Architecture

Architecture Technology Phishing Risk

How to Prevent DNS Attacks: DNS Security Best Practices

eSecurity Planet

DECEMBER 8, 2023

DNS Server Hardening DNS server hardening can be very complex and specific to the surrounding architecture. Design robust server architecture to improve redundancy and capacity for resilience against failure or DDoS attacks. Anti-DDoS configurations can enhance server architecture DDoS to protect DNS.

DNS

DNS DDOS Firewall Architecture

Mozi Botnet is responsible for most of the IoT Traffic

Security Affairs

SEPTEMBER 20, 2020

. “Our analysis of this particular sample indicates the file executes on microprocessor without interlocked pipelined stages (MIPS) architecture. This is an extension understood by machines running reduced instruction set computer (RISC) architecture, which is prevalent on many IoT devices.” ” continues the analysis.

IoT

IoT DDOS Architecture Passwords

FELIXROOT Backdoor is back in a new fresh spam campaign

Security Affairs

JULY 30, 2018

The FELIXROOT backdoor was first spotted by FireEye in September 2017, when attackers used it in attacks targeting Ukrainians. The documents include code to exploit known Microsoft Office vulnerabilities CVE-2017-0199 and CVE-2017-11882 to drop and execute the backdoor binary. ” reads the analysis published by FireEye.

Encryption

Encryption Advertising Malware Architecture

AT&T Alien Labs finds new Golang malware (BotenaGo) targeting millions of routers and IoT devices with more than 30 exploits

CyberSecurity Insiders

NOVEMBER 11, 2021

However, there is a difference between the Mirai malware and the new malware variants using Go, including differences in the language in which it is written and the malware architectures. CVE-2017-6077. CVE-2017-18368. CVE-2017-6334. 2027093: ET EXPLOIT Possible Netgear DGN2200 RCE (CVE-2017-6077). CVE-2016-1555.

Malware

Malware IoT Firmware Authentication

BotenaGo strikes again – malware source code uploaded to GitHub

CyberSecurity Insiders

JANUARY 26, 2022

The Mirai botnet targets mostly routers and IoT devices, and it supports different architectures including Linux x64, different ARM versions, MIPS, PowerPC, and more. 4000898: AV EXPLOIT Netgear DGN2200 ping.cgi – Possible Command Injection ( CVE-2017-6077 ). 2027093: ET EXPLOIT Possible Netgear DGN2200 RCE (CVE-2017-6077).

Malware

Malware IoT Authentication Antivirus

US gov agencies e private firms warn nation-state actors are targeting ICS & SCADA devices

Security Affairs

APRIL 14, 2022

“The APT actors’ tools have a modular architecture and enable cyber actors to conduct highly automated exploits against targeted devices. . “The APT actors’ tools have a modular architecture and enable cyber actors to conduct highly automated exploits against targeted devices.

Passwords

Passwords Architecture Backups Cyber Attacks

GhostRace – New Data Leak Vulnerability Affects Modern CPUs

WordCamp Seattle 2017 – The Emerald City Event

Webinars

Trending Sources

Crosspost: A Simple SOAR Adoption Maturity Model

Webinars

Equifax Breach Underscores Need for Accountability, Simpler Architectures

New NKAbuse malware abuses NKN decentralized P2P network protocol

Microsoft Warns of Email Attacks Executing Code Using an Old Bug

BrandPost: Top 5 Regulatory Reasons for Implementing Zero Trust

Samsung shipped 100 million Galaxy smart phones filled with critical security vulnerabilities

NIST’s Post-Quantum Cryptography Standards

Evaluating the NSA's Telephony Metadata Program

Top Cybersecurity Trends for 2017

My Philosophy and Recommendations Around the LastPass Breaches

CISA warns of phishing attacks delivering KONNI RAT

A new Zerobot variant spreads by exploiting Apache flaws

CFPB’s Proposed Data Rules

StripedFly: Perennially flying under the radar

Go-based Chaos malware is rapidly growing targeting Windows, Linux and more

News alert: DigitalAPICraft and Google partner to simplify development, integration of new apps

On the Security of Walls

Enemybot, a new DDoS botnet appears in the threat landscape

SiteLock Reviews: Events We Love in 2018

Android devices shipped with backdoored firmware as part of the BADBOX network

Experts spotted a new Mirai variant that targets new processors

EnemyBot malware adds new exploits to target CMS servers and Android devices

DePriMon downloader uses a never seen installation technique

CloudMensis spyware went undetected for many years

Kinsing threat actors probed the Looney Tunables flaws in recent attacks

Unveiling NKAbuse: a new multiplatform threat abusing the NKN protocol

US and UK link new Cyclops Blink malware to Russian state hackers?

Microsoft enabled Retpoline mitigations against the Spectre Variant 2 for Windows 10

NASA Audit: Cyber Risk Skyrockets with 'Work from Home'

6 Takeaways From the Changes in OWASP’s Top 10 Vulnerability Ranking

Iran-linked APT is exploiting the Zerologon flaw in attacks

LookingGlass Cyber Solutions: Threat Intelligence Review

Post-Quantum Cryptography: Lessons Learned from SHA-1 Deprecation

SPOTLIGHT: Women in Cybersecurity

Spotlight Podcast: Fixing Supply Chain Hacks with Strong Device Identities

Crosspost: A Simple SOAR Adoption Maturity Model

How to Prevent DNS Attacks: DNS Security Best Practices

Mozi Botnet is responsible for most of the IoT Traffic

FELIXROOT Backdoor is back in a new fresh spam campaign

AT&T Alien Labs finds new Golang malware (BotenaGo) targeting millions of routers and IoT devices with more than 30 exploits

BotenaGo strikes again – malware source code uploaded to GitHub

US gov agencies e private firms warn nation-state actors are targeting ICS & SCADA devices

Stay Connected