Wed. Dec 16, 2020

Malicious Domain in SolarWinds Hack Turned into ‘Killswitch’

Krebs on Security

A key malicious domain name used to control potentially thousands of computer systems compromised via the months-long breach at network monitoring software vendor SolarWinds was commandeered by security experts and used as a “killswitch” designed to turn the sprawling cybercrime operation against itself, KrebsOnSecurity has learned. Austin, Texas-based SolarWinds disclosed this week that a compromise of its software update servers earlier this year may have resulted in malicious code

Zodiac Killer Cipher Solved

Schneier on Security

The SF Chronicle is reporting (more details here ), and the FBI is confirming, that a Melbourne mathematician and team has decrypted the 1969 message sent by the Zodiac Killer to the newspaper. There’s no paper yet, but there are a bunch of details in the news articles. Here’s an interview with one of the researchers: Cryptologist David Oranchak, who has been trying to crack the notorious “340 cipher” (it contains 340 characters) for more than a decade, made a crucial bre

The Asset Trap

Adam Shostack

As we look at what’s happened with the Russian attack on the US government and others via Solarwinds, I want to shine a spotlight on a lesson we can apply to threat modeling. An example of asset-driven thinking leads the article Hack may have exposed deep US secrets; damage yet unknown. And I don’t want to pick on this article in particular — anyone can fall into this trap: Some of America’s most deeply held secrets may have been stolen in a disciplined, monthslong operation being bl

With AI maturing, are humans still needed to fight cybercrime?

Tech Republic Security

Cybercriminals are clever, and AI cannot always account for that. This is where cybersecurity and AI professionals come in.

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

FireEye, GoDaddy, and Microsoft created a kill switch for SolarWinds backdoor

Security Affairs

Microsoft, FireEye, and GoDaddy have partnered to create a kill switch for the Sunburst backdoor that was employed in the recent SolarWinds hack. Microsoft, FireEye, and GoDaddy have created a kill switch for the Sunburst backdoor that was used in the SolarWinds supply chain attack. Last week, Russia-linked hackers breached SolarWinds; the attackers had used trojanized SolarWinds Orion business software updates to distribute the backdoor tracked as SUNBURST (aka Solarigate (Microsoft)).

How Apple's new App Store privacy requirements may affect users and app developers

Tech Republic Security

Apple now requires apps to reveal how user data may be collected, but some companies aren't happy about the policy.

Social engineering: How psychology and employees can be part of the solution

Tech Republic Security

Social engineering is allowing cybercriminals the way in. Learn how to lock that door.

Why Secure Email Gateways Rewrite Links (and Why They Shouldn't)

Dark Reading

Redirecting a user to a trusted server buys a secure email gateway company some time while it decides whether a URL is malicious -- but there are avoidable drawbacks to this approach.

Microsoft partnered with security firms to sinkhole the C2 used in SolarWinds hack

Security Affairs

Microsoft and its partners have seized the primary domain used in the SolarWinds attack to identify the victims through sinkholing. Microsoft partnered with other cybersecurity firms to seize the primary domain used in the SolarWinds attack ( avsvmcloud[.]com ) in an attempt to identify all victims and prevent other systems from being served malicious software. here is a list of DGA subdomain c2: avsvmcloud[.]com #SolarWinds #backdoor c2 domain list: [link] pic.twitter.com/NufyhDB5Zj — R.

The SolarWinds Perfect Storm: Default Password, Access Sales and More

Threatpost

Meanwhile, Microsoft and other vendors are quickly moving to block the Sunburst backdoor used in the attack.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Sextortion campaign uses Goontact spyware to target Android and iOS users

Security Affairs

Security experts spotted a new malware strain, named Goontact, that allows its operators to spy on both Android and iOS users. Security researchers from Lookout have discovered new spyware, dubbed Goontact, that could target both Android and iOS users. Goontact implements common spyware features, including the ability to gather data from the infected devices and gather system info.

Cybersecurity CEO: 5 Cybercrime Trends to Watch for in 2021

Herjavec Group

Cyber Predictions for the C-Suite to Keep Top of Mind Next Year. – Robert Herjavec. Los Angeles, Calif. – Dec. 16, 2020. As we close out 2020, it’s no secret that this year has had more than its fair share of challenges. At the onset of the year, we predicted that the top priority for any CISO or CIO will be to manage the risk associated with digital transformation and enhance their security programs in order to keep up with new technological complexity.

Cybersecurity Advent calendar: Stay close to one another… Safely!

We Live Security

This year, many of us will be celebrating Christmas with our loved ones virtually, however we shouldn’t underestimate the value of securing our online communication. The post Cybersecurity Advent calendar: Stay close to one another… Safely! appeared first on WeLiveSecurity.

Ryuk, Egregor Ransomware Attacks Leverage SystemBC Backdoor

Threatpost

In the past few months researchers have detected hundreds of attempted SystemBC deployments globally, as part of recent Ryuk and Egregor ransomware attacks.

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

2020’s Most Memorable Cybersecurity Events

GlobalSign

2020 didn’t exactly match up to what we imagined it might be like. To add insult to injury, hackers had a field day. From Twitter and Zoom to MGM and Marriott, let’s dive into the year’s most memorable cybersecurity events.

Russia’s Hacking Frenzy Is a Reckoning

WIRED Threat Level

Despite years of warning, the US still has no good answer for the sort of “supply chain” attack that let Russia run wild.

Attackers Leverage IMAP to Infiltrate Email Accounts

Dark Reading

Researchers believe cybercriminals are using a tool dubbed Email Appender to directly connect with compromised email accounts via IMAP.

Sextortionist Campaign Targets iOS, Android Users with New Spyware

Threatpost

Goontact lures users of illicit sites through Telegram and other secure messaging apps and steals their information for future fraudulent use.

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

FireEye Identifies Killswitch for SolarWinds Malware as Victims Scramble to Respond

Dark Reading

White House National Security Council establishes unified group to coordinate response across federal agencies to the threat.

Credential Stealer Targets US, Canadian Bank Customers

Trend Micro

We discovered a campaign that distributed a credential stealer, and its main code components are written in AutoHotkey (AHK).

Why the Weakest Links Matter

Dark Reading

The recent FireEye and SolarWinds compromises reinforce the fact that risks should be understood, controls should be in place, and care should be taken at every opportunity.

6 Tips to Stay Cyber Safe While Online Holiday Shopping

Herjavec Group

One of the greatest cultural shifts resulting from the COVID-19 Pandemic is the way we shop and access goods and services. Never has it been more obvious than now, when the holiday rush to purchase the perfect gifts for our loved ones and salvage whatever normalcy we can from the holiday season is on almost everyone’s mind. But c. Although individuals tend to be the initial victim of online shopping attacks, users are increasingly doing online shopping on corporate devices or networks, leaving t

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

US-CERT Reports 17,447 Vulnerabilities Recorded in 2020

Dark Reading

This marks the fourth year in a row that a record number of vulnerabilities has been discovered, following 17,306 in 2019.

Pawn Storm’s Lack of Sophistication as a Strategy

Trend Micro

In this entry we share Pawn Storm's recent activities, focusing on their use of some simple methods that typically won't get associated with APT groups.

SSO and MFA Are Only Half Your Identity Governance Strategy

Dark Reading

We need better ways to manage user identities for accessing applications, especially given the strain it places on overworked IT and security teams.

Researchers Find 45 Million Unsecured X-rays and CT Scans

SecureWorld News

Researchers have recently discovered over 45 million medical imaging files which are openly accessible on unprotected connected storage devices linked to hospitals and medical centers worldwide. The scope of the research. These recent findings are the result of a six-month investigation conducted by cybersecurity firm CybelAngel. The investigation looked into Network Attached Storage (NAS) and Digital Imaging and Communications in Medicine (DICOM), which are standards for communicating medical d

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Patching Still Poses Problems for Industrial Controllers, Networking Devices

Dark Reading

More than 90% of devices that run the popular VxWorks embedded operating system remain vulnerable to critical flaws disclosed more than a year ago.

Firmware Fuzzing 101

ForAllSecure

(with additional contribution from Richard Bae). Introduction. Embedded applications are some of the most prolific software out there in the world. Whether it be routers, IoT devices or SCADA systems, they are very varied in architecture, use case, and purpose. Very few of these devices have security in mind when they were built. And even fewer of them have ever been fuzzed.

Senior Managers Twice as Likely to Share Work Devices With Outsiders

Dark Reading

New survey finds top C-suite managers are much shakier on security than their junior counterparts.

The Latest Cybersecurity Statistics 2020 By Category

Spinone

Previous years had shown the continuous rise of various digital threats. Cybersecurity professionals are not standing still for these threats and try to address them properly. In some sense, 2020 was special—the coronavirus pandemic and the global shift to remote working became significant factors affecting the cybersecurity landscape. How exactly?

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things – and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.