Wed. May 25, 2022


Manipulating Machine-Learning Systems through the Order of the Training Data

Schneier on Security

Yet another adversarial ML attack: Most deep neural networks are trained by stochastic gradient descent. Now “stochastic” is a fancy Greek word for “random”; it means that the training data are fed into the model in random order. So what happens if the bad guys can cause the order to be not random? You guessed it—all bets are off. Suppose for example a company or a country wanted to have a credit-scoring system that’s secretly sexist, but still be able to pretend that its training was act


How to develop competency in cyber threat intelligence capabilities

Tech Republic Security

Starting from scratch or maturing a cyber threat intelligence capability is a task that needs several different people with very different skills and competencies. Read more on what competencies can build and make CTI capability a success. The post How to develop competency in cyber threat intelligence capabilities appeared first on TechRepublic.


FTC fines Twitter $150M for using 2FA info for targeted advertising

Bleeping Computer

The Federal Trade Commission has fined Twitter $150 million for using phone numbers and email addresses collected to enable two-factor authentication for targeted advertising. […]


Is REvil having a resurgence, or is there a copycat hacking group?

Tech Republic Security

Cybersecurity company Akamai has found one of their clients has suffered a DDoS attack at the hands of a group claiming to be REvil. The post Is REvil having a resurgence, or is there a copycat hacking group? appeared first on TechRepublic.

Hacking 141

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.


CISA adds 41 flaws to its Known Exploited Vulnerabilities Catalog

Security Affairs

US Critical Infrastructure Security Agency (CISA) adds 41 new vulnerabilities to its Known Exploited Vulnerabilities Catalog. The Cybersecurity & Infrastructure Security Agency (CISA) has added 41 flaws to its Known Exploited Vulnerabilities Catalog, including recently addressed issues in the Android kernel (CVE-2021-1048 and CVE-2021-0920) and Cisco IOS XR (CVE-2022-20821).

Software 143

Massive increase in XorDDoS Linux malware in last six months

Malwarebytes

Microsoft says it’s recorded a massive increase in XorDDoS activity (254 percent) in the last six months. XorDDoS, a Linux Trojan known for its modularity and stealth, was first discovered in 2014 by the white hat research group, MalwareMustDie (MMD). MMD believed the Linux Trojan originated in China. Based on a case study in 2015, Akamai strengthened the theory that the malware may be of Asian origin based on its targets.

Malware 135

More Trending


Chaos ransomware explained: A rapidly evolving threat

CSO Magazine

The Chaos ransomware builder started out last year as a buggy and unconvincing impersonation of the notorious Ryuk ransomware kit. It has since gone through active development and rapid improvements that have convinced different attacker groups to adopt it. The latest version, dubbed Yashma, was first observed in the wild in mid-May and contains several enhancements.


Eerie GoodWill ransomware forces victims to publish videos of “good” deeds on social media

Malwarebytes

Ransomware does what the name implies: holds your files or network to ransom. Pay the authors, typically in cryptocurrency, and you may get your files back. Refuse, and the files could be lost forever or even leaked to the far corners of the net. Sometimes creators of ransomware try different things. In this case, a proof of concept called GoodWill ransomware’s approach is to force victims into performing seemingly nice tasks instead of paying a ransom.

Media 132

5 reasons why GDPR was a milestone for data protection

We Live Security

The landmark regulation changed everyone’s mindset on how companies worldwide collect and use the personal data of EU citizens. The post 5 reasons why GDPR was a milestone for data protection appeared first on WeLiveSecurity.


Popular Python package compromised: Don’t ‘Blindly Trust Open Source’

Security Boulevard

brooke.crothers. Wed, 05/25/2022 - 17:24. Python package compromise. The Python package ctx, which averages over 20,000 downloads per week, was compromised on the Python Package Index (PyPI), according to both forum and social media posts and a bevy of news reports. “When we browse the release history tab, we can see various versions of ctx uploaded within the past few days,” the SANS Institute said on May 24.

Software 131

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.


Tails 5.0 Linux users warned against using it "for sensitive information"

Bleeping Computer

Tails developers have warned users to stop using the portable Debian-based Linux distro until the next release if they're entering or accessing sensitive information using the bundled Tor Browser application. […]


Microsoft security vulnerabilities drop after five-year rise

CSO Magazine

The total number of Microsoft vulnerabilities reported in 2021 dropped by 5%, reversing a five-year trend that saw such vulnerabilities rising sharply, according to a new report from identity management and security vendor BeyondTrust. A total of 1,212 new vulnerabilities were discovered in 2021, but their severity, as well as their location in the Microsoft family of software products, has changed substantially year over year.

Internet 129

Supply Chain Risk Management (SCRM) Explained

Heimdal Security

Managing supply chain risk is critical for any company. But why, you may ask. What kinds of risks should be managed? Read on and find out everything you need to know about supply chain risk management. What Is Supply Chain Risk Management (SCRM)? Supply Chain Risk Management (SCRM) is a systematic approach to identifying and […]. The post Supply Chain Risk Management (SCRM) Explained appeared first on Heimdal Security Blog.

Risk 124

Chris Wysopal: Open source is becoming a national security risk

CSO Magazine

In early December 2021, enterprise security teams around the world went on high alert because of a string of vulnerabilities in an open-source Java component, Log4j, that is used in millions of applications. The incident prompted warnings from CISA and other national CERTs and led to renewed discussion about security and the open-source software ecosystem and how developers consume and track their use of open-source components.

CSO 127

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?


New ChromeLoader malware surge threatens browsers worldwide

Bleeping Computer

The ChromeLoader malware is seeing an uptick in detections this month, following a relatively stable operation volume since the start of the year, which means that the malvertiser is now becoming a widespread threat. […]

Malware 133

Anton’s Security Blog Quarterly Q2 2022

Anton on Security

Great blog posts are sometimes hard to find (especially on Medium), so I decided to do a periodic list blog with my favorite posts of the past quarter or so. Here is the next one. The posts below are ranked by lifetime views. This covers both Anton on Security and my posts from Google Cloud blog, and our Cloud Security Podcast too (subscribe). Top 5 most popular posts of all times (these ended up being the same as last quarter): “Security Correlation Then and Now: A Sad Truth About SIEM” “C


New ‘Cheers’ Linux ransomware targets VMware ESXi servers

Bleeping Computer

A new ransomware named 'Cheers' has appeared in the cybercrime space and has started its operations by targeting vulnerable VMware ESXi servers. […]


Moving From ‘the log dustbin’ to Effective Security Operations

Security Boulevard

Guest Blog Post by Bryan Littlefair, CEO Cambridge Cyber Advisers former Global CISO of Vodafone. The post Moving From ‘the log dustbin’ to Effective Security Operations appeared first on Gurucul. The post Moving From ‘the log dustbin’ to Effective Security Operations appeared first on Security Boulevard.

CISO 122

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.


International police operation led to the arrest of the SilverTerrier gang leader

Security Affairs

The Nigeria Police Force has arrested the suspected leader of the SilverTerrier cybercrime group as a result of an international operation. The Nigeria Police Force has arrested the suspected leader of the SilverTerrier cybercrime gang (aka TMT) after a year-long investigation codenamed “Operation Delilah.” SilverTerrier has been active since at least 2014 and focuses on BEC attacks; it is a collective of over hundreds of individual threat actors.


BrandPost: How Shift Left Security Helps Developers Build More Secure Cloud-Native Apps

CSO Magazine

During the past decade, the push-pull between security and developers led many organizations to build security earlier in the app development lifecycle. This new approach focuses on finding and remediating vulnerabilities earlier. Development teams want to build applications quickly. But that often puts them at odds with the need for testing. Developers might code up to the last minute, leaving almost no time to find and fix vulnerabilities before deadlines.


10 Reasons Why Email Protection is Critical in 2022

Security Boulevard

We all use email all day long. No matter what industry you’re in or where you are working around the globe, you’re more than likely using email to communicate, work and socialize. Most of us check our email multiple times a day – the average is eleven times per hour! If you’re like me, which […]. The post 10 Reasons Why Email Protection is Critical in 2022 first appeared on SlashNext.


PIXM releases new computer vision solution for mobile phishing

CSO Magazine

Computer vision cybersecurity startup PIXM has expanded its line of antiphishing products with the launch of PIXM Mobile, a solution to protect individuals and enterprises from targeted and unknown phishing attacks on mobile devices. The cloud-based mobile product is aimed at identifying phishing attacks on mobile devices in real time, as a user clicks on a malicious link, using computer vision technology.

Mobile 115

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.


Implementing the OMB 21-31 Memorandum

Security Boulevard

The Russia–Ukraine conflict has significantly intensified the cyberthreat landscape. As state-sponsored threat actors collaborate with financially-motivated cybercriminals to launch targeted cyberattacks against critical infrastructures, the cyberthreat landscape has become a free-for-all arena. As a result, the FBI and the Cybersecurity…. The post Implementing the OMB 21-31 Memorandum appeared first on LogRhythm.


Lumos System Can Find Hidden Cameras and IoT Devices in Your Airbnb or Hotel Room

The Hacker News

A group of academics has devised a system that can be used on a phone or a laptop to identify and locate Wi-Fi-connected hidden IoT devices in unfamiliar physical spaces. With hidden cameras being increasingly used to snoop on individuals in hotel rooms and Airbnbs, the goal is to be able to pinpoint such rogue devices without much of a hassle.

IoT 113

Russian Ransomware hackers getting frustrated by sanctions

CyberSecurity Insiders

As soon as Russia waged a war on Ukraine, the entire world led by the United States termed it as a war on the innocent and pressed sanctions on the Putin-led nation to pressure him into stopping the war. But Vladimir Putin was adamant about his Ukraine invasion and intensified the war to take control of Kyiv. It has been almost 100 days, and nothing seems to stop the Kremlin’s invasion of Ukraine.


Rajiv Kulkarni Talks about the Malware Analysis Pipeline

Security Boulevard

TechSpective Podcast Episode 089: There is no such thing as perfect or invulnerable cybersecurity. The goal of cybersecurity is to raise the bar or cost of entry to make it as challenging as possible for threat actors, and to detect and identify new threats as quickly as possible. Given the sheer size of the threat […]. The post Rajiv Kulkarni Talks about the Malware Analysis Pipeline appeared first on TechSpective.

Malware 111

ERM Program Fundamentals for Success in the Banking Industry

Speaker: William Hord, Senior VP of Risk & Professional Services

Enterprise Risk Management (ERM) is critical for industry growth in today’s fast-paced and ever-changing risk landscape. When building your ERM program foundation, you need to answer questions like: Do we have robust board and management support? Do we understand and articulate our bank’s risk appetite and how that impacts our business units? How are we measuring and rating our risk impact, likelihood, and controls to mitigate our risk?


Darknet market Versus shuts down after hacker leaks security flaw

Bleeping Computer

The Versus Market, one of the most popular English-speaking criminal darknet markets, is shutting down after discovering a severe exploit that could have allowed access to its database and exposed the IP address of its servers. […]

Marketing 113

Automating Azure Abuse Research — Part 1

Security Boulevard

Automating Azure Abuse Research — Part 1. Intro. Back in February of 2020 Karl Fosaaen published a great blog post about abusing Managed Identity (MI) assignments, specifically those assigned to a Virtual Machine running in Azure. Karl’s blog outlines the scenarios in which privilege escalation may be possible by first executing commands on the VM, then getting a token for the VM’s MI via the Instance Metadata Service (IMDS) token acquisition endpoint.


Industry 4.0 Points Up Need for Improved Security for Manufacturers

Dark Reading

With manufacturing ranking as the fourth most targeted sector, manufacturers that understand their exposure will be able to build the necessary security maturity.


Three Ways To Help Employees Thrive In The New Normal

IT Security Central

After consecutive pandemic years, companies and their employees are grappling with the consequences of disruption. Most notably, a once-in-a-generation pandemic coupled with social strife, geopolitical conflict and other factors has helped usher in an unprecedented reprioritization and restructuring of the workforce as people reimagine their professional lives in light of their lived experiences during the […].


Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

So, you’ve accomplished an organization-wide SaaS adoption. It started slow, and now just a few team members might be responsible for running Salesforce, Slack, and a few others applications that boost productivity, but it’s all finished. Or is it? Through all the benefits offered by SaaS applications, it’s still a necessity to onboard providers as quickly as possible.