Blog - Cyber Security Informer

Quick Threat Model Links October 2019

Adam Shostack

OCTOBER 9, 2019

Continuum has a blog and a spreadsheet on threat modeling lambdas (as a category, not specific to Amazon Lambda), and also a post on threat modeling with CAPEC. Disclosure: I’m on advisory boards for Continuum and Ntrepid. There’s some context from Aaron Small, who made the project happen. What else have you seen?

DoD Adds Two More (ISC)² Certifications to Requirements for Cybersecurity Staff

CyberSecurity Insiders

JUNE 30, 2021

This means that the entire roster of (ISC)² certifications are now required for different security workforce categories within the Department, depending on the functional area the role covers. The HCISPP has been approved for the following categories: Information Assurance Manager Level 1 (IAM 1). IAM Level II (IAM II).

Cybersecurity

Cybersecurity Healthcare Engineering Government

Chaining Zoom bugs is possible to hack users in a chat by sending them a message

Security Affairs

MAY 25, 2022

” reads the advisory. ” reads the advisory for the CVE-2022-22786 issue. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”).

Hacking

Hacking Cybersecurity Information Security

GitLab addressed critical account take over via SCIM email change

Security Affairs

JUNE 4, 2022

” reads the advisory published by GitHub. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”) To nominate, please visit:? Pierluigi Paganini.

Accountability

Accountability Hacking Cybersecurity Information Security

Atlassian rolled out fixes for Confluence zero-day actively exploited in the wild

Security Affairs

JUNE 5, 2022

reads the advisory published by the company. 429 hosts); and if the advisory is accurate, all of these versions are susceptible to this new attack.” ” reads the advisory published by Censys. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. China, and Germany.

Internet

Internet Internet IoT Software

New DFSCoerce NTLM relay attack allows taking control over Windows domains

Security Affairs

JUNE 21, 2022

To mitigate the attack, researchers suggest following Microsoft’s advisory for the mitigation of the PetitPotam NTLM relay attack, such as disabling the NTLM on domain controllers and enabling Extended Protection for Authentication (EPA) and signing features, and turning off HTTP on AD CS servers. To nominate, please visit:?.

Authentication

Authentication Hacking Cybersecurity Information Security

Do not use Tails OS until a flaw in the bundled Tor Browser will be fixed

Security Affairs

MAY 26, 2022

” reads the advisory published by project maintainers. ” reads the advisory. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”).

Surveillance

Surveillance Passwords Hacking Encryption

Zyxel addresses four flaws affecting APs, AP controllers, and firewalls

Security Affairs

MAY 26, 2022

According to the advisory published by the vendor, the issues affect USG/ZyWALL, USG FLEX, ATP, VPN, NSG firewalls, NXC2500 and NXC5500 AP controllers, and NAP, NWA, WAC, and WAX Access Point families. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. To nominate, please visit:?.

Firewall

Firewall VPN Authentication Cyber Attacks

GUEST ESSAY: Stolen logons, brute force hacking get used the most to breach web, email servers

The Last Watchdog

AUGUST 29, 2022

We’ve shared some helpful guidance on password security at Zigrin Security blog. Unauthorized access via default, shared, or stolen credentials constituted more than a third of the entire Hacking category and over half of all compromised records. He is also a member of the GIAC Advisory Board. . Shifting exposures.

Hacking

Hacking Passwords Password Management Data breaches

PoC exploits for Atlassian CVE-2022-26134 RCE flaw released online

Security Affairs

JUNE 5, 2022

Atlassian advisory: [link] pic.twitter.com/rz12BMRnMo — Shadowserver (@Shadowserver) June 5, 2022. reads the advisory published by the company. reads the advisory published by Censys. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. Pierluigi Paganini.

VPN

VPN IoT Cybersecurity Engineering

Chinese DriftingCloud APT exploited Sophos Firewall Zero-Day before it was fixed

Security Affairs

JUNE 17, 2022

reads the advisory published by the company. reads the advisory published by the vendor. This blog post serves to share what highly targeted organizations are up against and ways to defend against attacks of this nature.” Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Firewall

Firewall DNS Authentication Malware

A critical flaw in Citrix Application Delivery Management allows resetting admin passwords

Security Affairs

JUNE 15, 2022

” reads the advisory published by the IT giant. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”) To nominate, please visit:? Pierluigi Paganini.

Passwords

Passwords Hacking Cybersecurity Information Security

Alert! Unpatched critical Atlassian Confluence Zero-Day RCE flaw actively exploited

Security Affairs

JUNE 3, 2022

” reads the advisory published by the company. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”) To nominate, please visit:? Pierluigi Paganini.

Internet

Internet Internet Authentication Hacking

Cisco will not address critical RCE in end-of-life Small Business RV routers

Security Affairs

JUNE 20, 2022

” reads the Cisco advisory. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”) To nominate, please visit:? Pierluigi Paganini.

Small Business

Small Business Authentication Software Hacking

Experts released PoC exploit code for critical VMware CVE-2022-22972 flaw

Security Affairs

MAY 26, 2022

reads the advisory published by the company. “A Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”). To nominate, please visit:?. Pierluigi Paganini.

Authentication

Authentication Healthcare Education Cybersecurity

Cisco fixed a critical Bypass Authentication flaw in Cisco ESA and Secure Email and Web Manager

Security Affairs

JUNE 16, 2022

” reads the advisory published by Cisco. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”). To nominate, please visit:?. Pierluigi Paganini.

Authentication

Authentication Hacking Software Cybersecurity

MaliBot Android Banking Trojan targets Spain and Italy

Security Affairs

JUNE 18, 2022

” reads the advisory published by F5 Labs. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”). To nominate, please visit:?. Pierluigi Paganini.

Banking

Banking Cryptocurrency Malware Mobile

HID Mercury Access Controller flaws could allow to unlock Doors

Security Affairs

JUNE 12, 2022

Below the video PoC published by the researchers: Carrier has published a product security advisory to warn customers about the vulnerabilities and urge them to install firmware updates. ” reads the advisory. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Firmware

Firmware Penetration Testing Manufacturing Authentication

Critical flaw in Ninja Forms WordPress Plugin actively exploited in the wild

Security Affairs

JUNE 19, 2022

” reads the advisory published by Wordfence. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”). To nominate, please visit:?. Pierluigi Paganini.

Hacking

Hacking Cybersecurity Information Security

Threat actors exploit recently disclosed Atlassian Confluence flaw in cryptomining campaign

Security Affairs

JUNE 10, 2022

reads the advisory published by the company. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”) To nominate, please visit:? Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Malware Hacking Cybersecurity

Trend Micro addressed a flaw exploited by China-linked Moshen Dragon APT

Security Affairs

MAY 24, 2022

” reads the advisory published by Trend Micro. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”) To nominate, please visit:? Pierluigi Paganini.

Malware

Malware Telecommunications Internet Internet

Google expert detailed a 5-Year-Old flaw in Apple Safari exploited in the wild

Security Affairs

JUNE 20, 2022

“This blog is the story of a “zombie” Safari 0-day and how it came back from the dead to be disclosed as exploited in-the-wild in 2022. reads the security advisory published by Apple. “A Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. To nominate, please visit:?.

Hacking

Hacking Software Cybersecurity Data breaches

DOD ADDS TWO MORE (ISC)² CERTIFICATIONS TO REQUIREMENTS FOR CYBERSECURITY STAFF

CyberSecurity Insiders

JULY 2, 2021

This means that the entire roster of (ISC)² certifications are now required for different security workforce categories within the Department, depending on the functional area the role covers. The HCISPP has been approved for the following categories: Information Assurance Manager Level 1 (IAM 1). IAM Level II (IAM II).

Cybersecurity

Cybersecurity Healthcare Engineering Government

Experts warn of a new eCh0raix ransomware campaign targeting QNAP NAS

Security Affairs

JUNE 19, 2022

reads the advisory published by the company. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”). and QTS 4.4.1, To nominate, please visit:?.

Ransomware

Ransomware Encryption Internet Internet

Microsoft shared workarounds for the Microsoft Office zero-day dubbed Follina

Security Affairs

MAY 31, 2022

” reads the advisory published by Microsoft. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”). To nominate, please visit:?. Pierluigi Paganini.

Cybersecurity

Cybersecurity Hacking Accountability Information Security

China-linked threat actors have breached telcos and network service providers

Security Affairs

JUNE 8, 2022

US NSA, CISA, and the FBI published a joint cybersecurity advisory to warn that China-linked threat actors have breached telecommunications companies and network service providers. ” reads the advisory published by the US agencies. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Telecommunications

Telecommunications Authentication Passwords Accountability

Another nation-state actor exploits Microsoft Follina to attack European and US entities

Security Affairs

JUNE 6, 2022

reads the advisory published by Microsoft. “A Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”) To nominate, please visit:? Pierluigi Paganini.

Phishing

Phishing Government Cybersecurity Hacking

10 Reasons to Celebrate 2020

McAfee

DECEMBER 10, 2020

During RSA 2020, Cyber Defense Magazine, the industry’s leading electronic information security magazine, named McAfee the Most Innovative Company in its Cloud Security category for McAfee MVISION Cloud. CASB Category Winner. The post 10 Reasons to Celebrate 2020 appeared first on McAfee Blogs.

Policy Compliance

Policy Compliance Technology Information Security Media

Mapping CVEs and ATT&CK Framework TTPs: An Empirical Approach

NopSec

OCTOBER 11, 2022

This blog post focuses on how to create a bridge / correlation between CVE, CAPEC, CWE and ATT&CK vulnerability and attack taxonomies for the purpose of better understanding attack vectors and methods. In addition, following CWE to CAPEC reveals several categories related to improper input handling and CAPEC-233: Privilege Escalation.

Software

Software IoT Cyber Attacks Social Engineering

Together, we can make a difference

Scary Beasts Security

MARCH 21, 2014

They continued Tavis' work, have a look at the CVE count in this Adobe advisory to appreciate their work.) For example, the Internet Bug Bounty includes Flash as a category. I previously blogged about $10,000 example here. You should call him a hero. What are you waiting for?

Surveillance

Surveillance Software Internet Internet

A Full Guide to Achieving SOC 2 Certification for Startups

Centraleyes

NOVEMBER 16, 2023

The five SOC 2 categories of TSPs include: Security : Ensuring your systems are protected against unauthorized access, both physically and logically. About Centraleyes At Centraleyes, we’re not just another advisory firm but your partner in achieving unparalleled security, privacy, and compliance.

Risk

Risk Data collection Backups Accountability

Hackers Tap into Oldsmar Water Facility

Security Boulevard

FEBRUARY 11, 2021

The other reminder for some and wakeup call for others issued through the same advisory was that the threats themselves range from script kiddies to nation states. Have our blog posts sent to your inbox. Open information sources (e.g. Shodan) and penetration testing toolkits (e.g. servers, PCs, tablets).

Energy and Utilities

Energy and Utilities CISO Penetration Testing Risk

One Year Since Log4Shell: Lessons Learned for the next ‘code red’

Fox IT

DECEMBER 12, 2022

To make matters worse, advisories heavily differed in the early hours of the incident, resulting in conflicting information about which products were affected. Thus, in the first part of this blog we will look back at how our own Security Operations Center (SOC) tackled the problem in the initial days of the ‘code red’.

Software

Software Internet Internet Ransomware

Demystifying the 18 Checks for Secure Scorecards

Security Boulevard

AUGUST 4, 2021

The criteria are grouped into six categories: Basics. Developers can use security advisories in their published packages to allow Dependabot to send alerts to affected repositories. Change control. The CII Best Practices check only indicates that a project has self-certified. Pull Requests.

Software

Software Risk Government Technology

Cytrox’s Predator spyware used zero-day exploits in 3 campaigns

Security Affairs

MAY 23, 2022

” reads the advisory published by Google. “Seven of the nine 0-days TAG discovered in 2021 fall into this category: developed by commercial providers and sold to and used by government-backed actors. To nominate, please visit:? Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Spyware

Spyware Surveillance Government Banking

A flaw in Zimbra email suite allows stealing login credentials of the users

Security Affairs

JUNE 14, 2022

” reads the advisory published by NIST. ” reads the advisory published by Sonarsource. . . ” reads the advisory published by Sonarsource. . Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. . “Zimbra Collaboration (aka ZCS) 8.8.15

Passwords

Passwords Hacking Cybersecurity Information Security

A critical RCE flaw in Horde Webmail has yet to be addressed

Security Affairs

JUNE 1, 2022

” reads the advisory published by SonarSource. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”) To nominate, please visit:? Pierluigi Paganini.

Authentication

Authentication Passwords Hacking Cybersecurity

6 Best Threat Intelligence Feeds to Use in 2023

eSecurity Planet

AUGUST 10, 2023

Although it is free to join, membership is required to access InfraGard resources. Pricing It is free to become an InfraGrad member and use InfraGard tools and feeds. infrastructure, making it a less effective option for global enterprises and distributed workforces abuse.ch

Internet

Internet Internet Cybersecurity Malware

McAfee Leapfrogs Competition with trio of awards at 2020 IT World Awards

McAfee

OCTOBER 1, 2020

Network Products Guide , the industry’s leading technology research and advisory guide, recently named the winners in their 15th Annual 2020 Network PG’s IT World Awards. The post McAfee Leapfrogs Competition with trio of awards at 2020 IT World Awards appeared first on McAfee Blogs.

Artificial Intelligence

Artificial Intelligence Technology Engineering

How Passwordless Can Elevate Higher Education

Duo's Security Blog

OCTOBER 20, 2021

Given the risks to a university associated with password weakness and credential theft, it’s fair to say that higher education environments fall firmly into the “would benefit from the technology” category when thinking about whether passwordless is a fit.

Education

Education Authentication Passwords CISO

McAfee Recognised in 2021 Gartner Solution Scorecard Report

McAfee

MAY 3, 2021

The framework that they used splits each of the criteria into one of three categories – Required, Preferred and Optional. Gartner research publications consist of the opinions of Gartner’s Research & Advisory organization and should not be construed as statements of fact.

Marketing

Marketing Architecture Technology

The White House Memo on Adopting a Zero Trust Architecture: Top Four Tips

Cisco Security

FEBRUARY 4, 2022

My good friend and fellow Advisory CISO Helen Patton has done a great summary of the memo in a previous blog. As part of the planning exercise, agencies can assess where they are for each control category in terms of “Traditional”, “Advanced” or “Optimal” (as seen in the above diagram). In other words, one size does not fit all.

Architecture

Architecture Authentication CISO Government

Outrun the Bear: Don’t let Weak Passwords be Your Kryptonite

SecureWorld News

OCTOBER 12, 2021

Not every bad actor will fall into the elite, intelligence-of-a-supervillain-mastermind hacker category, though. In 2018, the SentinelOne blog ranked superhero names combined with a number as one of the worst passwords. Good guys in cybersecurity are like Superman, while an ATP hacker might be more like Lex Luther.

Passwords

Passwords Authentication Technology Data breaches

DDoS attacks in Q4 2020

SecureList

FEBRUARY 16, 2021

Still, such attacks by year’s end were serious enough for the FBI to flag them in its December advisory as a major threat to teaching facilities. The shares of very short attacks (71.63%) and very long attacks (0.14%) decreased in Q4, while the shares of all intermediate categories increased.

DDOS

DDOS Cryptocurrency Marketing Internet

Quick Threat Model Links October 2019

DoD Adds Two More (ISC)² Certifications to Requirements for Cybersecurity Staff

Trending Sources

Chaining Zoom bugs is possible to hack users in a chat by sending them a message

GitLab addressed critical account take over via SCIM email change

Atlassian rolled out fixes for Confluence zero-day actively exploited in the wild

New DFSCoerce NTLM relay attack allows taking control over Windows domains

Do not use Tails OS until a flaw in the bundled Tor Browser will be fixed

Zyxel addresses four flaws affecting APs, AP controllers, and firewalls

GUEST ESSAY: Stolen logons, brute force hacking get used the most to breach web, email servers

PoC exploits for Atlassian CVE-2022-26134 RCE flaw released online

Chinese DriftingCloud APT exploited Sophos Firewall Zero-Day before it was fixed

A critical flaw in Citrix Application Delivery Management allows resetting admin passwords

Alert! Unpatched critical Atlassian Confluence Zero-Day RCE flaw actively exploited

Cisco will not address critical RCE in end-of-life Small Business RV routers

Experts released PoC exploit code for critical VMware CVE-2022-22972 flaw

Cisco fixed a critical Bypass Authentication flaw in Cisco ESA and Secure Email and Web Manager

MaliBot Android Banking Trojan targets Spain and Italy

HID Mercury Access Controller flaws could allow to unlock Doors

Critical flaw in Ninja Forms WordPress Plugin actively exploited in the wild

Threat actors exploit recently disclosed Atlassian Confluence flaw in cryptomining campaign

Trend Micro addressed a flaw exploited by China-linked Moshen Dragon APT

Google expert detailed a 5-Year-Old flaw in Apple Safari exploited in the wild

DOD ADDS TWO MORE (ISC)² CERTIFICATIONS TO REQUIREMENTS FOR CYBERSECURITY STAFF

Experts warn of a new eCh0raix ransomware campaign targeting QNAP NAS

Microsoft shared workarounds for the Microsoft Office zero-day dubbed Follina

China-linked threat actors have breached telcos and network service providers

Another nation-state actor exploits Microsoft Follina to attack European and US entities

10 Reasons to Celebrate 2020

Mapping CVEs and ATT&CK Framework TTPs: An Empirical Approach

Together, we can make a difference

A Full Guide to Achieving SOC 2 Certification for Startups

Hackers Tap into Oldsmar Water Facility

One Year Since Log4Shell: Lessons Learned for the next ‘code red’

Demystifying the 18 Checks for Secure Scorecards

Cytrox’s Predator spyware used zero-day exploits in 3 campaigns

A flaw in Zimbra email suite allows stealing login credentials of the users

A critical RCE flaw in Horde Webmail has yet to be addressed

6 Best Threat Intelligence Feeds to Use in 2023

McAfee Leapfrogs Competition with trio of awards at 2020 IT World Awards

How Passwordless Can Elevate Higher Education

McAfee Recognised in 2021 Gartner Solution Scorecard Report

The White House Memo on Adopting a Zero Trust Architecture: Top Four Tips

Outrun the Bear: Don’t let Weak Passwords be Your Kryptonite

DDoS attacks in Q4 2020

Stay Connected