Cyber Security Informer

Q&A: SolarWinds, Mimecast hacks portend intensified third-party, supply-chain compromises

The Last Watchdog

JANUARY 25, 2021

Related: Digital certificates destined to play key role in securing DX. Thanks to a couple of milestone hacks disclosed at the close of 2020 and start of 2021, they will forever be associated with putting supply-chain vulnerabilities on the map. Certificate compromises. Supplier trojans. The infected entities included the U.S.

Hacking

Hacking B2B Authentication Software

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

JUNE 1, 2023

Code-signing certificates are supposed to help authenticate the identity of software publishers, and provide cryptographic assurance that a signed piece of software has not been altered or tampered with. “Why do I need a certificate?” One of Megatraffer’s ads on an English-language cybercrime forum.

Malware

Malware Cybercrime Software Antivirus

SHARED INTEL: Automating PKI certificate management alleviates outages caused by boom

The Last Watchdog

OCTOBER 26, 2021

Our Public Key Infrastructure is booming but also under a strain that manual certificate management workflows are not keeping up with. PKI and digital certificates were pivotal in the formation of the commercial Internet, maturing in parallel with ecommerce. Certificate confusion.

Digital transformation

Digital transformation eCommerce Internet Internet

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

STEPS FORWARD: Regulators are on the move to set much needed IoT security rules of the road

The Last Watchdog

SEPTEMBER 5, 2023

Without them the integrity of our food supplies, the efficacy of our transportation systems and reliability of our utilities would not be what they are. Without them the integrity of our food supplies, the efficacy of our transportation systems and reliability of our utilities would not be what they are.

IoT

IoT Government Internet Internet

Microsoft fixed two zero-day bugs exploited in malware attacks

Security Affairs

APRIL 11, 2024

CVE-2024-26234 – Proxy Driver Spoofing Vulnerability – The flaw reported by Sophos ties a malicious driver signed with a valid Microsoft Hardware Publisher Certificate. In December 2023, Sophos X-Ops received a report of a false positive detection on an executable that was signed using a valid Microsoft Hardware Publisher Certificate.

Malware

Malware DNS Mobile Software

Thinking of a Cybersecurity Career? Read This

Krebs on Security

JULY 24, 2020

In most cases, the aspirants ask which certifications they should seek, or what specialization in computer security might hold the brightest future. In most cases, the aspirants ask which certifications they should seek, or what specialization in computer security might hold the brightest future.

Cybersecurity

Cybersecurity Architecture Hacking Engineering

SHARED INTEL Q&A: My thoughts and opinions about cyber threats — as discussed with OneRep

The Last Watchdog

OCTOBER 5, 2023

What drew you to this field? I held this position from 2000 through 2014, during which time Windows emerged as a prime target for both precocious script kiddies and emerging criminal hacking rings. Erin: What cybersecurity technologies are you most excited about right now? Erin: So, let’s get started.

Cyber threats

Cyber threats Cyber Insurance Cybersecurity Threat Detection

China-linked APT Billbug breached a certificate authority in Asia

Security Affairs

NOVEMBER 15, 2022

A suspected China-linked APT group breached a digital certificate authority in Asia as part of a campaign aimed at government agencies since March 2022. “The victims in this campaign included a certificate authority, as well as government and defense agencies.” ” reads the report published by Symantec.

Penetration Testing

Penetration Testing Government Malware Internet

OSINT. What can you find from a domain or company name

Pen Test Partners

DECEMBER 4, 2023

From this we can find: Subdomains IP addresses Web servers TLS certificates Email provider information Email addresses Staff contact information Breached credentials Code repos Documents Internal server or domain names Other domains …plus much more This will provide you with further layers of information to examine and scrutinise.

Media

Media DNS Marketing Risk

Lessons from the Kronos Ransomware Attack – Why Good Enough isn’t Enough

CyberSecurity Insiders

JANUARY 12, 2022

With a SOC 2 report or ISO certificate in hand, companies assume they can feel confident in their chosen partners and vendors, and that they are doing their part to ensure security best practices are maintained. Take the massive hack at retail giant Target in 2014. That same year, the company earned PCI-DSS certification.

Ransomware

Ransomware Retail Hacking Healthcare

Advice for the Graduating Class of 2023: Qualities of a Modern Day Cybersecurity Professional

CyberSecurity Insiders

MAY 10, 2023

Each of these programs provide candidates with insights into what it takes to work in security operations — but it’s not the only route to a successful career in the industry. Going Beyond Technical Credentials What distinguishes candidates who will fare well in the high-stress, continually evolving cybersecurity industry?

Cybersecurity

Cybersecurity Penetration Testing Technology Hacking

China-Linked Cybercrime Group Attacks Asian Certificate Authority, Breaches Government Agencies

Security Boulevard

NOVEMBER 15, 2022

China-Linked Cybercrime Group Attacks Asian Certificate Authority, Breaches Government Agencies. Billbug’s techniques and software are complex and polished by many years of practical hacking against high-value targets. brooke.crothers. Tue, 11/15/2022 - 15:14. Billbug is longstanding threat.

Cybercrime

Cybercrime Government Software Hacking

Latest on the SVR’s SolarWinds Hack

Schneier on Security

JANUARY 5, 2021

The New York Times has an in-depth article on the latest information about the SolarWinds hack (not a great name, since it’s much more far-reaching than that). Interviews with key players investigating what intelligence agencies believe to be an operation by Russia’s S.V.R.

Hacking

Hacking System Administration Software Surveillance

We Heard You: Updates to the (ISC)² Ethics Questions

CyberSecurity Insiders

NOVEMBER 8, 2021

The question on our eligibility review asked candidates: “Have you ever been involved, or publicly identified, with criminal hackers or hacking?”. We want to ensure that (ISC)² certification is accessible and inclusive, and that our endorsement of members is accurate and fair. We heard you loud and clear. We heard you.

Hacking

Hacking Cybersecurity Education

No, I Did Not Hack Your MS Exchange Server

Krebs on Security

MARCH 28, 2021

The group looks for attacks on Exchange systems using a combination of active Internet scans and “honeypots” — systems left vulnerable to attack so that defenders can study what attackers are doing to the devices and how. Let’s just get this out of the way right now: It wasn’t me. krebsonsecurity[.]top

Hacking

Hacking Cybercrime DNS Antivirus

MY TAKE: Why new tools, tactics are needed to mitigate risks introduced by widespread encryption

The Last Watchdog

FEBRUARY 18, 2020

It does this by verifying that the server involved is who it claims to be, based on the digital certificate issued to the server. For instance, the Russian Turla hacking ring was recently spotted spreading an innovative Trojan, called Reductor , designed to alter the way Chrome and Firefox browsers handle HTTPS connections.

Encryption

Encryption Firewall Risk IoT

Nobelium APT uses new Post-Compromise malware MagicWeb

Security Affairs

AUGUST 25, 2022

FoggyWeb allows operators to exfiltrate the configuration database of compromised AD FS servers, decrypt token-signing certificates and token-decryption certificates , and download and execute additional malware components. This is not a supply chain attack. ” reads the analysis published by Microsoft.

Malware

Malware Authentication Telecommunications Government

Google TAG spotted actors using new code signing tricks to evade detection

Security Affairs

SEPTEMBER 26, 2021

The researchers noticed that OpenSUpdater samples were often signed with the same code-signing certificate, but since mid-August, they noticed that the executables had an invalid signature. 509 certificate.” 509 certificate. . 509 certificate.” 509 certificate. . 509 certificate.

Software

Software Hacking Cybercrime Information Security

Cost of a Machine Identity Data Breach with Yahoo!

Security Boulevard

SEPTEMBER 26, 2022

What used to be an unimaginable feat is now just another steppingstone to the next biggest hack. What used to be an unimaginable feat is now just another steppingstone to the next biggest hack. s unsecured keys and certificates. Virtually a third of certificates on Yahoo!’s Alexa Cardenas. Costs Compared.

Data breaches

Data breaches Digital transformation Cyber Attacks Encryption

ROUNDTABLE: Targeting the supply-chain: SolarWinds, then Mimecast and now UScellular

The Last Watchdog

FEBRUARY 3, 2021

It’s only February, and 2021 already is rapidly shaping up to be the year of supply-chain hacks. The SolarWinds hack came to light in mid-December and has since become a red hot topic in the global cybersecurity community. Video: What all companies need to know about the SolarWinds hack.

Phishing

Phishing Hacking Accountability Social Engineering

Let’s Encrypt CA is revoking over 3 Million TLS certificates due to a bug

Security Affairs

MARCH 4, 2020

Let’s Encrypt is going to revoke over 3 million certificates today due to a flaw in the software used to verify users and their domains before issuing a certificate. A bug in Let’s Encrypt’s certificate authority (CA) software, dubbed Boulder, caused the correct validation for some certificates.

Encryption

Encryption Advertising DNS Software

Q&A: How certifying in-house IT staffers as cyber analysts, pen testers can boost SMB security

The Last Watchdog

NOVEMBER 12, 2018

Ransomware, business email compromises and direct ACH system hacks continue to morph and intensify. Many companies are taking it a step further, selecting certain techies to also receive advanced training and pursue specialty CompTIA certifications in disciplines such as ethical hacking and penetration testing. Stanger: Yes.

Penetration Testing

Penetration Testing System Administration Cybersecurity Technology

CFPB’s Proposed Data Rules

Schneier on Security

JANUARY 31, 2024

By separating which companies see what parts of our data, and in what contexts, we can gain control over data about ourselves (improving privacy) and harden cloud infrastructure against hacks (improving security). Beyond these economic effects, the rules have important data security benefits. You have no choice in the matter.

Banking

Banking Financial Services Marketing Data privacy

RSAC insights: SolarWinds hack illustrates why software builds need scrutiny — at deployment

The Last Watchdog

MAY 11, 2021

By patiently slipping past the best cybersecurity systems money can buy and evading detection for 16 months, the perpetrators of the SolarWinds hack reminded us just how much heavy lifting still needs to get done to make digital commerce as secure as it needs to be. Related: DHS launches 60-day cybersecurity sprints. Advanced cloaking.

Software

Software Hacking Malware Engineering

MY TAKE: How decentralizing IoT could help save the planet — by driving decarbonization

The Last Watchdog

DECEMBER 17, 2023

What I found most commendable about this Neubiberg, Germany-based semiconductor manufacturer is that it is fully directing its innovations squarely at reversing the negative impacts of climate change. The Internet of Things ( IoT ) is on the threshold of ascending to become the Internet of Everything ( IoE.)

IoT

IoT Internet Internet Technology

Mozilla fixes critical flaw in Network Security Services (NSS) cryptography library

Security Affairs

DECEMBER 1, 2021

509 v3 certificates, and other security standards. The question is, what happens if you just… make a signature that’s bigger than that? Applications using NSS for certificate validation or other TLS, X.509, Applications using NSS can support SSL v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509

Network Security

Network Security Hacking Information Security

Missouri Governor Vows to Prosecute St. Louis Post-Dispatch for Reporting Security Vulnerability

Krebs on Security

OCTOBER 14, 2021

The Post-Dispatch says it discovered the vulnerability in a web application that allowed the public to search teacher certifications and credentials, and that more than 100,000 SSNs were available. On Wednesday, the St. In a press conference this morning, Missouri Gov. ” Missouri Gov. ” Missouri Gov.

Education

Education Computers and Electronics Hacking Media

Zero to Pentester

IT Security Guru

OCTOBER 17, 2023

It’s rare for a young individual in high school to identify what they want to do for the rest of their life and then carry through with it without ever considering moving out of that field. So, what changed? And what would I do differently? I do think there’s an element of “not really missing what you never knew” here.

Hacking

Hacking Advertising Engineering Technology

Tips for Getting Your First Job in Cybersecurity

Hacker's King

JUNE 10, 2023

Get Certified Certifications to hold significant value in the cybersecurity industry. They demonstrate your knowledge and expertise in specific domains—research in-demand certifications based on your skill level and interests. Advanced certifications like OSCP are highly regarded.

Cybersecurity

Cybersecurity Penetration Testing InfoSec Hacking

OpenSSL Patches New Bug Targeting Encryption [Lessons from Heartbleed]

Security Boulevard

MAY 5, 2022

What is the new OpenSSL vulnerability? Exploitation of the vulnerability is possible in certain situations, and it can lead to a DoS attack against a process that parses externally supplied certificates.”. What did Heartbleed teach us? Because OpenSSL is everywhere, infiltrating it is like hitting the hacking jackpot.

Encryption

Encryption Software Media Authentication

The Analyst Prompt #42: Ransomware Attacks Not Letting Up as 2021 Draws to a Close

Security Boulevard

DECEMBER 21, 2021

In what seems like an appropriate end to a year defined by an increased focus on ransomware, December proved to be a busy month for cyber defenders. Among them were the Brazilian ministry of health, which lost access to a system used to issue vaccination certificates, and a medical group in the U.S.

Ransomware

Ransomware Cryptocurrency Accountability Malware

Hackers hijacked the eScan Antivirus update mechanism in malware campaign

Security Affairs

APRIL 24, 2024

A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute backdoors and cryptocurrency miners. Avast researchers discovered and analyzed a malware campaign that exploited the update mechanism of the eScan antivirus to distribute backdoors and crypto miners. ” reads the analysis published by Avast.

Antivirus

Antivirus Malware DNS Cryptocurrency

VMware Flaw a Vector in SolarWinds Breach?

Krebs on Security

DECEMBER 18, 2020

government cybersecurity agencies warned this week that the attackers behind the widespread hacking spree stemming from the compromise at network software firm SolarWinds used weaknesses in other, non-SolarWinds products to attack high-value targets. National Security Agency (NSA) warned on Dec. National Security Agency (NSA) warned on Dec.

Software

Software Authentication Hacking Government

New ransomware group Hive leaks Altus group sample files

Security Affairs

JUNE 26, 2021

Here’s what we know. What appears to be a new ransomware group with no prior history of breaches – Hive – has published a hidden service (darknet) website this week. The provided sample of exfiltrated files includes business data and documents, as well as Argus certificates and development files. Files leaked online.

Ransomware

Ransomware Software Encryption Passwords

Palo Alto Networks devices affected by CVE-2022-0778 OpenSSL bug

Security Affairs

APRIL 7, 2022

In Mid March, OpenSSL released updates to address a high-severity denial-of-service (DoS) vulnerability, tracked as CVE-2022-0778 , that affects the BN_mod_sqrt() function used when certificate parsing. An attacker can trigger the vulnerability by crafting a malformed certificate with invalid explicit curve parameters.

Firewall

Firewall VPN Cybercrime Software

Carderbee APT targets Hong Kong orgs via supply chain attacks

Security Affairs

AUGUST 23, 2023

The attackers signed malware with a legitimate Microsoft certificate. In one interesting case, the threat actors deployed a downloader that was digitala ly signed certificate from Microsoft, called Microsoft Windows Hardware Compatibility Publisher. “The update.zip file is a zlib compressed archive file.

Malware

Malware Software Encryption Firewall

North Korea Cyber Threat Group ‘Lazarus’ Targets M1 Mac with Signed Executables

Security Boulevard

AUGUST 23, 2022

Late last week, Apple revoked the certificate that enabled the malware to execute after ESET alerted the company to the campaign, according to Dark Reading. Late last week, Apple revoked the certificate that enabled the malware to execute after ESET alerted the company to the campaign, according to Dark Reading. M1 MacBook and Intel.

Cyber threats

Cyber threats Social Engineering Banking Malware

Give Your Cyber Security Career a Boost

Security Boulevard

AUGUST 3, 2021

In any case, you’ll find lots of advice about how to get into a cyber security career as a beginner, but not so much on what you should be looking at as you move into mid-career mode. Cyber security certifications and training platforms. I highly recommend looking at some of the following certifications and training platforms.

Penetration Testing

Penetration Testing Education Government Information Security

MY TAKE: The role of semiconductors in bringing the ‘Internet of Everything’ into full fruition

The Last Watchdog

DECEMBER 11, 2022

What has changed in just the past year is that things are now starting to talk to other things,” Rosteck observes. The Internet of Everything ( IoE ) is on the near horizon. Related: Raising the bar for smart homes. We would not be at this juncture without corresponding advances on the hardware side of the house.

Internet

Internet Internet Energy and Utilities IoT

A week in security (January 24 – 30)

Malwarebytes

JANUARY 31, 2022

Last week on Malwarebytes Labs: QNAP update stops Deadbolt ransomware, annoys some users, starts debate Big Mother is watching: What parents REALLY think about tracking their kids Update now! macros by default Segway store compromised with Magecart skimmer Data Privacy Day: Know your rights, and the right tools to stay private.

Data privacy

Data privacy Ransomware Encryption Phishing

Episode 200: Sakura Samurai Wants To Make Hacking Groups Cool Again. And: Automating Our Way Out of PKI Chaos

The Security Ledger

JANUARY 22, 2021

In this episode of the podcast (#200), sponsored by Digicert: John Jackson, founder of the group Sakura Samurai talks to us about his quest to make hacking groups cool again. Also: we talk with Avesta Hojjati of the firm Digicert about the challenge of managing a growing population of digital certificates and how automation may be an answer.

Hacking

Hacking Cyber Risk Software Risk

MY TAKE: Memory hacking arises as a go-to tactic to carry out deep, persistent incursions

The Last Watchdog

MARCH 4, 2019

Related: We’re in the midst of ‘cyber Pearl Harbor’ Peel back the layers of just about any sophisticated, multi-staged network breach and you’ll invariably find memory hacking at the core. Here’s what I took away from our discussion: Transient hacks.

Hacking

Hacking Energy and Utilities System Administration Accountability

BIOPASS malware abuses OBS Studio to spy on victims

Security Affairs

JULY 12, 2021

“What makes BIOPASS RAT particularly interesting is that it can sniff its victim’s screen by abusing the framework of Open Broadcaster Software (OBS) Studio, a popular live streaming and video recording app, to establish live streaming to a cloud service via Real-Time Messaging Protocol (RTMP).

Malware

Malware Software Hacking Information Security

A week in security (July 19 – August 1)

Malwarebytes

AUGUST 2, 2021

Last week on Malwarebytes Labs: OSX.XLoader hides little except its main purpose: What we learned in the installation process. The Olympics : a timeline of scams, hacks, and malware. Source: Edward Snowden) The Northern Ireland COVID Certification Service was temporarily interrupted due to privacy issue. Here’s why.

Wireless

Wireless Password Management Firmware Passwords

Q&A: SolarWinds, Mimecast hacks portend intensified third-party, supply-chain compromises

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Webinars

Trending Sources

SHARED INTEL: Automating PKI certificate management alleviates outages caused by boom

Webinars

STEPS FORWARD: Regulators are on the move to set much needed IoT security rules of the road

Microsoft fixed two zero-day bugs exploited in malware attacks

Thinking of a Cybersecurity Career? Read This

SHARED INTEL Q&A: My thoughts and opinions about cyber threats — as discussed with OneRep

China-linked APT Billbug breached a certificate authority in Asia

OSINT. What can you find from a domain or company name

Lessons from the Kronos Ransomware Attack – Why Good Enough isn’t Enough

Advice for the Graduating Class of 2023: Qualities of a Modern Day Cybersecurity Professional

China-Linked Cybercrime Group Attacks Asian Certificate Authority, Breaches Government Agencies

Latest on the SVR’s SolarWinds Hack

We Heard You: Updates to the (ISC)² Ethics Questions

No, I Did Not Hack Your MS Exchange Server

MY TAKE: Why new tools, tactics are needed to mitigate risks introduced by widespread encryption

Nobelium APT uses new Post-Compromise malware MagicWeb

Google TAG spotted actors using new code signing tricks to evade detection

Cost of a Machine Identity Data Breach with Yahoo!

ROUNDTABLE: Targeting the supply-chain: SolarWinds, then Mimecast and now UScellular

Let’s Encrypt CA is revoking over 3 Million TLS certificates due to a bug

Q&A: How certifying in-house IT staffers as cyber analysts, pen testers can boost SMB security

CFPB’s Proposed Data Rules

RSAC insights: SolarWinds hack illustrates why software builds need scrutiny — at deployment

MY TAKE: How decentralizing IoT could help save the planet — by driving decarbonization

Mozilla fixes critical flaw in Network Security Services (NSS) cryptography library

Missouri Governor Vows to Prosecute St. Louis Post-Dispatch for Reporting Security Vulnerability

Zero to Pentester

Tips for Getting Your First Job in Cybersecurity

OpenSSL Patches New Bug Targeting Encryption [Lessons from Heartbleed]

The Analyst Prompt #42: Ransomware Attacks Not Letting Up as 2021 Draws to a Close

Hackers hijacked the eScan Antivirus update mechanism in malware campaign

VMware Flaw a Vector in SolarWinds Breach?

New ransomware group Hive leaks Altus group sample files

Palo Alto Networks devices affected by CVE-2022-0778 OpenSSL bug

Carderbee APT targets Hong Kong orgs via supply chain attacks

North Korea Cyber Threat Group ‘Lazarus’ Targets M1 Mac with Signed Executables

Give Your Cyber Security Career a Boost

MY TAKE: The role of semiconductors in bringing the ‘Internet of Everything’ into full fruition

A week in security (January 24 – 30)

Episode 200: Sakura Samurai Wants To Make Hacking Groups Cool Again. And: Automating Our Way Out of PKI Chaos

MY TAKE: Memory hacking arises as a go-to tactic to carry out deep, persistent incursions

BIOPASS malware abuses OBS Studio to spy on victims

A week in security (July 19 – August 1)

Stay Connected