Security Affairs

DECEMBER 24, 2020

— Marius Sandbu (@msandbu) December 20, 2020. 24 45.248.9.195 206.71.159.131 46.229.195.108 117.27.239.154 13.69.68.47 (1/3) pic.twitter.com/AuAg72BsEY — Daniel Weppeler (@_DanielWep) December 21, 2020. The attacks began last week, the systems administrator Marco Hofmann first detailed them. 24 220.167.109.0/24

DDOS 112

DDOS System Administration VPN Authentication 112

Malwarebytes

APRIL 21, 2021

Cybersecurity sleuths Mandiant report that they are tracking “12 malware families associated with the exploitation of Pulse Secure VPN devices” operated by groups using a set of related techniques to bypass both single and multi-factor authentication. CVE-2020-8243 a vulnerability in the Pulse Connect Secure < 9.1R8.2

VPN 73

VPN Authentication Malware System Administration 73

Malwarebytes

APRIL 19, 2022

A new advisory issued by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the US Treasury Department (Treasury), highlights the cyberthreats associated with cryptocurrency thefts and tactics used by a North Korean state-sponsored advanced persistent threat (APT) group since at least 2020.

Social Engineering 120

Social Engineering Cryptocurrency Computers and Electronics Engineering 120

IT Security Guru

SEPTEMBER 7, 2022

Per a recent report from Q4 2020 to Q4 2021 , the average number of APIs per company increased by 221% in 12 months and that API attack traffic grew by 681% while overall API traffic grew by 321%. Tools like two-factor authentication, rate limiting, and DDoS protection can go a long way in securing APIs. password guessing).

DDOS 114

DDOS Authentication Architecture Social Engineering 114

Security Affairs

FEBRUARY 14, 2021

. “Beyond its legitimate uses, TeamViewer allows cyber actors to exercise remote control over computer systems and drop files onto victim computers, making it functionally similar to Remote Access Trojans (RATs),” states the FBI’s PIN alert. Use multiple-factor authentication. Windows 10).

Passwords 136

Passwords Social Engineering Software System Administration 136

The Last Watchdog

JUNE 2, 2021

The amount of data in the world topped an astounding 59 zetabytes in 2020, much of it pooling in data lakes. PKI is the authentication and encryption framework on which the Internet is built. Each private key serves a narrow function: it gives the same type of authenticity and level of access to each user. This creates exposure.

Encryption 176

Encryption Artificial Intelligence IoT Data collection 176

SC Magazine

JULY 7, 2021

CISA assigned CVE-2020-1938 to the flaw, which stems from the use of Apache JServ (AJP). flaw, which is caused by improper authentication. Further, the Redis server operates on a remote host but is not protected by password authentication. The Redis component also holds the third 9.8

VPN 121

VPN Software System Administration Authentication 121

IT Security Guru

APRIL 12, 2022

There are a few notable exploited misconfigurations, from default built-in file sharing, and lack of password enforcement, albeit no password to multi-factor authentication (MFA), to the risks of legacy protocols and OAuth apps, that can bring a little clarity to understanding the complex landscape that is a company’s SaaS security posture.

CISO 102

CISO Passwords Marketing System Administration 102

Security Affairs

AUGUST 4, 2020

NSCS @cse_cst @CISAgov @FBI [link] — @U.S.CyberCommand (@US_CYBERCOM) August 3, 2020. The CISA agency provides recommendations for system administrators and owners to enhance the level of security of their organizations: Maintain up-to-date antivirus signatures and engines. Keep operating system patches up-to-date.

Malware 105

Malware Government Passwords System Administration 105

eSecurity Planet

MARCH 25, 2022

RDP intrusions are typically the result of two attacker methods: brute force authentication attempts or a meddler-in-the-middle (MITM) attack. Remote desktop software’s sensitive influence over other devices means identity and access management (IAM), password security , and multi-factor authentication are critical for risk management.

VPN 117

VPN Software Authentication Encryption 117

Security Boulevard

DECEMBER 2, 2022

In most organization system administrators can disable or change most or all SSH configurations; these settings and configurations can significantly increase or reduce SSH security risks. There are also security risks connected with “host keys,” which are the other authentication method used to identify the Secure Shell server.

Risk 64

Risk Authentication Passwords Accountability 64

SecureWorld News

SEPTEMBER 15, 2020

Between January and August 2020, unidentified actors used aggregation software to link actor-controlled accounts to client accounts belonging to the same institution, resulting in more than $3.5 Some of the credentials belonged to company leadership, system administrators, and other employees with privileged access.".

Banking 56

Banking Passwords Accountability DDOS 56

CyberSecurity Insiders

SEPTEMBER 21, 2021

Authentication and password management. Passwords are one of the least safe user authentication methods, yet they are also frequently used for web applications for safeguarding online data. Authentication is the procedure of confirming that a person, organization, or site is who they say they are. Session management.

Authentication 79

Authentication Passwords Software Accountability 79

eSecurity Planet

DECEMBER 3, 2021

— Dave Kennedy (@HackingDave) July 15, 2020. link] pic.twitter.com/cVIyB44o6q — Eugene Kaspersky (@e_kaspersky) June 22, 2020. Longtime network and system administrator Jack Daniel is a technology community activist, mentor, and storyteller. — Parisa Tabriz (@laparisa) January 26, 2020.

Accountability 139

Accountability Cybersecurity Penetration Testing InfoSec 139

eSecurity Planet

FEBRUARY 15, 2022

Audit user accounts with administrative privileges and configure access controls with least privilege in mind, and use multifactor authentication. CVE-2015-1130 : An XPC implementation allows authentication bypass and admin privilege escalation in Apple OS X before 10.10.3. 7 SP1, 8, 8.1) How to Use the CISA Catalog.

Ransomware 126

Ransomware Encryption Backups Accountability 126

SecureWorld News

OCTOBER 15, 2020

Strong leadership is especially needed in 2020, when the COVID-19 pandemic has created a host of new challenges for IT and cybersecurity. And it seems that the teen hackers in the Twitter account takeover attack ran a similar social engineering routine, updated to match 2020 technology and the technical challenges created by work from home.

Social Engineering 95

Social Engineering Media Scams Financial Services 95

eSecurity Planet

SEPTEMBER 10, 2021

What authentication methods does the provider support? The fourth biggest threat to public cloud security identified in CloudPassage’s report is unauthorized access (and growing – 53 percent, up from 42 percent in 2020). What are the results of the provider’s most recent penetration tests? Enable security logs.

Penetration Testing 131

Penetration Testing Encryption Risk Technology 131

NopSec

MARCH 16, 2020

I include a sampla here: Vulnerabilities affecting VPN and NG firewalls such as Cisco and Palo Alto Networks, much like the Palo Alto Networks GlobalProtect SSL VPN Critical Pre-authentication vulnerability – CVE-2019-1579. The disclosure blog post can be found here.

VPN 40

VPN Accountability Risk System Administration 40

SecureList

AUGUST 12, 2021

Black Kingdom first appeared in 2019; in 2020 the group was observed exploiting vulnerabilities (such as CVE-2019-11510) in its attacks. In 2019, Gootkit stopped operating after it experienced a data leak , but has been active again since November 2020. Black Kingdom ransomware. Notify your supervisors as soon as possible.

Ransomware 138

Ransomware Malware Banking Encryption 138

Malwarebytes

AUGUST 18, 2021

At the WWDC 2020, Apple made a big deal of several new macOS and iOS features that were, in fact, big deals. The major new security features that would debut in macOS 11 were: Pointer Authentication Codes (PAC) , hardware-enforced Call Flow Integrity (CFI), implemented by Apple’s homegrown 64 bit ARM processor, the M1.

Firmware 144

Firmware Architecture Risk Engineering 144

Security Boulevard

JUNE 20, 2022

On December 15, 2020, Microsoft published their new revised version of Securing Privileged Access on Microsoft docs, including the Enterprise Access Model, which encompasses both on-prem, Operational Technology (OT), Azure, and other cloud providers. They recommend tiered administration with dedicated admin accounts.

Accountability 52

Accountability Risk Authentication Passwords 52