Tue. Jul 27, 2021

Hiding Malware in ML Models

Schneier on Security

Interesting research: “EvilModel: Hiding Malware Inside of Neural Network Models” Abstract: Delivering malware covertly and detection-evadingly is critical to advanced malware campaigns. In this paper, we present a method that delivers malware covertly and detection-evadingly through neural network models. Neural network models are poorly explainable and have a good generalization ability.


SHARED INTEL: Ramifications of 86 cities storing citizens’ data in misconfigured AWS S3 buckets

The Last Watchdog

The ethical hackers at WizCase recently disclosed another stunning example of sensitive consumer data left out in the open in the public cloud — for one and all to access. Related: How stolen data gets leveraged in full-stack attacks. This latest high-profile example of security sloppiness was uncovered by a team of white hat hackers led by Ata Hakçil.


How to create a positive and effective cybersecurity environment instead of a shame culture

Tech Republic Security

You can catch more flies with honey than vinegar. Learn some tips to establish a positive reinforcement cybersecurity culture rather than a blame-and-shame game.


APT group hits IIS web servers with deserialization flaws and memory-resident malware

CSO Magazine

A sophisticated, likely government-sponsored threat actor has been compromising major public and private organizations over the past year by exploiting deserialization flaws in public-facing ASP.NET applications to deploy fileless malware. Dubbed Praying Mantis, or TG1021, by researchers from incident response firm Sygnia, the hacker group puts a strong focus on detection evasion by using a volatile and custom malware toolset built specifically for Internet Information Services (IIS) web servers


The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.


Microsoft warns of credential-stealing NTLM relay attacks against Windows domain controllers

Tech Republic Security

To ward off the attack known as PetitPotam, Microsoft advises you to disable NTLM authentication on your Windows domain controller.


LemonDuck Shows Malware Can Evolve, Putting Linux and Microsoft at Risk

eSecurity Planet

The LemonDuck malware that for the past couple of years has been known for its cryptocurrency mining and botnet capabilities is evolving into a much broader threat, moving into new areas of cyber attacks, targeting both Linux and Microsoft systems and expanding its geographical reach, according to security researchers with Microsoft. At the same time, there now are two distinct operating structures that both use the LemonDuck malware but are possibly being operated by two different organizations


Apple Releases Urgent 0-Day Bug Patch for Mac, iPhone and iPad Devices

The Hacker News

Apple on Monday rolled out an urgent security update for iOS, iPadOS, and macOS to address a zero-day flaw that it said may have been actively exploited, making it the thirteenth such vulnerability Apple has patched since the start of this year. The updates, which arrive less than a week after the company released iOS 14.7, iPadOS 14.7, and macOS Big Sur 11.


Microsoft Teams now automatically blocks phishing attempts

Bleeping Computer

Microsoft has extended Defender for Office 365 Safe Links protection to Microsoft Teams to safeguard users from malicious URL-based phishing attacks.


South Africa’s logistics company Transnet SOC hit by a ransomware attack

Security Affairs

Transnet SOC Ltd, a large South African rail, port and pipeline company, announced it was hit by a disruptive cyber attack. South Africa’s logistics company Transnet SOC was hit last week by a disruptive cyberattack that halted its operations at all the port’s terminals. The attack took place on Thursday, 22 July. “Port terminals are operational across the system, with the exception of container terminals as the Navis system on the trucking side has been affected,” Transnet revealed.


LockBit ransomware now encrypts Windows domains using group policies

Bleeping Computer

A new version of the LockBit 2.0 ransomware has been found that automates the encryption of a Windows domain using Active Directory group policies.


IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.


Kaseya Unitrends has unpatched vulnerabilities that could help attackers expand a breach

Malwarebytes

It must not be easy to work at Kaseya right now. While they are working as hard as they can to help customers, and customers of their customers, recover from the REvil ransomware attack at the beginning of July, a new vulnerability in their software has been disclosed. As a sidenote, Kaseya specifically denies on their website that they did not pay the ransom ($70 million was the initial demand) to stop the critics saying they were encouraging additional ransomware attacks fed by rumors that the


LockBit ransomware automates Windows domain encryption via group policies

Bleeping Computer

A new version of the LockBit 2.0 ransomware has been found that automates the encryption of a Windows domain using Active Directory group policies.


Apple releases patch for zero-day flaw in iOS, iPadOS and macOS

We Live Security

The vulnerability is under active exploitation by unknown attackers and affects a wide range of Apple’s products. The post Apple releases patch for zero-day flaw in iOS, iPadOS and macOS appeared first on WeLiveSecurity.


BrandPost: Top Three Tactics for Optimizing DDoS Resiliency Testing

CSO Magazine

Cybersecurity is built to protect computer systems and networks from theft, damage, and service disruption from attacks such as distributed denial-of-service (DDoS). DDoS attacks work by taking a target website or online service offline by overwhelming the target or its surrounding infrastructure with a flood of internet traffic. Although DDoS attacks have been around for more than 20 years, they remain something of a moving target as cybercriminals regularly discover and weaponize new attack


Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.


New Windows 10 KB5005394 emergency update fixes printing issues

Bleeping Computer

Microsoft has released a cumulative out-of-band update to fix a known printing issue preventing some printers and scanners from working correctly.


Frequently asked questions on Extended Detection and Response

Tech Republic Security

This article answers a few of the more common questions from those who are trying to figure out the XDR space.


Threat Intelligence in SecureX: Fast, Free, or Easy (pick any three)

Cisco Security

SecureX is Cisco’s free, acronym-defying security platform. (“Is it XDR? Is it SOAR? Does it solve the same problems as a SIEM? As a TIP?” “Yes.”) From the very beginning, one of the pillars of SecureX was the ability to consume and operationalize your local security context alongside global threat intelligence. And to that end, SecureX includes, by default, a few very respectable threat intelligence providers: The Cisco Secure Endpoint File Reputation database (formerly AMP FileDB) composed of


DevSecOps Best Practices in Identity and Data Security

Security Boulevard

Identity and data security is a priority for DevSecOps in the public cloud. Accounts, access, permissions, and privileges have become […]. The post DevSecOps Best Practices in Identity and Data Security appeared first on Sonrai Security. The post DevSecOps Best Practices in Identity and Data Security appeared first on Security Boulevard.


Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.


Google launches new Bug Hunters vulnerability rewards platform

Bleeping Computer

Google has announced a new platform and community designed to host all its Vulnerability Rewards Programs (VRP) under the same roof.


Unpatched Kaseya Unitrends Backup Vulnerabilities Could Be Dangerous

Heimadal Security

The DIVD researchers (the Dutch Institute for Vulnerability Disclosure) issued a TLP:AMBER warning concerning 3 Kaseya Unitrends vulnerabilities that were unpatched in the backup product. Chairman Victor Gevers told BleepingComputer that the advisory was originally shared with 68 government CERTs under a coordinated disclosure. However, it seems that one of the recipients had uploaded […].


Back-to-Basics: Use Strong Passwords

PCI perspectives

As small and medium businesses begin to re-open following the pandemic, it’s important to do so securely in order to protect customers’ payment card data. Too often, data breaches happen as a result of vulnerabilities that are entirely preventable. The PCI Security Standards Council (PCI SSC) has developed a set of payment protection resources for small businesses.


Apple Patches Actively Exploited Zero-Day in iOS, MacOS

Threatpost

Company urges iPhone, iPad and Mac users to install updates to fix a critical memory corruption flaw that can allow for attackers to take over a system.


5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.


Flaws in Zimbra could allow takeover of a targeted organization’s webmail server

Security Affairs

Researchers discovered flaws in Zimbra email collaboration software that could allow attackers to compromise email accounts by sending a malicious email. Cybersecurity researchers have discovered multiple security vulnerabilities, tracked as CVE-2021-35208 and CVE-2021-35208, in Zimbra email collaboration software. An unauthenticated attacker could chain these vulnerabilities to fully take over a Zimbra webmail server of a targeted organization.


Several Bugs Found in 3 Open-Source Software Used by Several Businesses

The Hacker News

Cybersecurity researchers on Tuesday disclosed nine security vulnerabilities affecting three open-source projects — EspoCRM, Pimcore, and Akaunting — that are widely used by several small to medium businesses and, if successfully exploited, could provide a pathway to more sophisticated attacks. All the security flaws in question, which impact EspoCRM v6.1.


What is a DDoS Extortion Attack and How do you Respond to it?

Security Boulevard

DDoS extortion attacks have skyrocketed over the past year and are expected to trend upwards in the future too. DDoS attacks aren’t new threats. However, cybercriminals are leveraging these attacks. The post What is a DDoS Extortion Attack and How do you Respond to it? appeared first on Indusface. The post What is a DDoS Extortion Attack and How do you Respond to it?


The Clubhouse database “breach” is likely a non-breach. Here’s why.

Malwarebytes

Before the work week ended last Friday, a security researcher found a leak of what is claimed to be full phone numbers of users of Clubhouse, the new social media app everyone is talking about, which just recently came out of beta. Clubhouse is an audio-only social media platform where, unlike many popular social sites in the market, users can communicate with each other in voice chat rooms that can accommodate thousands of people.


Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?


CTCI a Game-Changer for Threat Intel

Security Boulevard

After 14 years and plenty of blood, sweat and tears, threat intelligence company CTCI emerges from stealth with some game-changing technology. Co-founders Andrew Grealy and Michael Freeman talk with Alan Shimel about the company, startup misconceptions and the opportunity in the threat intel space. The video is below, followed by a transcript. Alan Shimel: Hey, The post CTCI a Game-Changer for Threat Intel appeared first on Security Boulevard.


Hackers Turning to 'Exotic' Programming Languages for Malware Development

The Hacker News

Threat actors are increasingly shifting to "exotic" programming languages such as Go, Rust, Nim, and Dlang that can better circumvent conventional security protections, evade analysis, and hamper reverse engineering efforts.


Machine Identity Lies at the Core of Cybersecurity

Security Boulevard

In today’s world, attaining simplicity is the most difficult job. With each passing day, our lives are becoming more complex. Most of our experiences like shopping, working, reading, etc. are getting digitalized. Digital devices are becoming a part of our extended reality and it is hard to imagine our lives without them. We are no […]. The post Machine Identity Lies at the Core of Cybersecurity appeared first on AppViewX.


Three Zero-Day Bugs Plague Kaseya Unitrends Backup Servers

Threatpost

The unpatched flaws include RCE and authenticated privilege escalation on the client-side: Just the latest woe for the ransomware-walloped MSP.


From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.