Thu. Apr 14, 2022

Weekly Update 291

Troy Hunt

Bit of a long one this week, just due to a bunch of stuff all coinciding at the same time. The drone is obviously the coolest one and it was interesting to hear other people's experiences with theirs. This is just super cool tech and I can't remember the last time I looked at a consumer product and thought "wow, I didn't know they could do that!

Passwords 241

BEST PRACTICES: Blunting ‘BEC’ capers that continue to target, devastate SMBs and enterprises

The Last Watchdog

It’s no secret that cyberattacks can happen to any business, and we should all be suspicious of messages from unfamiliar senders appearing in our email inboxes. Related: Deploying human sensors. But surely, we can feel confident in email communications and requests from our organization’s executives and fellow coworkers, right? The short answer: Not always.

Phishing 247

Upcoming Speaking Engagements

Schneier on Security

This is a current list of where and when I am scheduled to speak: I’m speaking at Future Summits in Antwerp, Belgium on May 18, 2022. I’m speaking at IT-S Now 2022 in Vienna on June 2, 2022. I’m speaking at the 14th International Conference on Cyber Conflict, CyCon 2022, in Tallinn, Estonia on June 3, 2022. I’m speaking at the RSA Conference 2022 in San Francisco, June 6-9, 2022.

SOC is Not Dead Yet It May Be Reborn As Security Operations Center of Excellence

Anton on Security

For many years, security practitioners imagined a security operations center (SOC) as a big room, full of expensive monitors and chairs. In these minds, rows of analysts sitting in those chairs and watching those monitors for blinking alerts made SOC, well, a SOC. This vision of the security operations center is derived from the original vision of the network operation center (NOC) that predates SOC by perhaps another decade or two.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Industrial Control System Malware Discovered

Schneier on Security

The Department of Energy, CISA, the FBI, and the NSA jointly issued an advisory describing a sophisticated piece of malware called Pipedream that’s designed to attack a wide range of industrial control systems. This is clearly from a government, but no attribution is given. There’s also no indication of how the malware was discovered. It seems not to have been used yet.

Malware 251

This WordPress plugin protects the emails displayed on your website

Tech Republic Security

Cybersecurity is more important than ever. Safeguard data from web trawling with this WordPress plugin. The post This WordPress plugin protects the emails displayed on your website appeared first on TechRepublic.

More Trending

Business teams increase cybersecurity risk due to poor SaaS management

Tech Republic Security

A new SaaS survey finds that IT teams don’t know what software business units are using or who has access to security settings. The post Business teams increase cybersecurity risk due to poor SaaS management appeared first on TechRepublic.

Risk 188

Palo Alto Networks Survey Reveals Cloud Security Challenges

Security Boulevard

An analysis of more than 680,000 identities across 18,000 cloud accounts from 200 different organizations published this week by Palo Alto Networks found nearly all (99%) cloud users, roles, services and resources were granted excessive permissions that were unused for 60 days or more. Nathaniel Quist, a principal researcher for the Unit 42 security research.

How cybercriminals are creating malicious hyperlinks that bypass security software

Tech Republic Security

Hackers are using a technique known as Quoted-printable to trick security defenses into thinking a malicious link is legitimate, says Avanan. The post How cybercriminals are creating malicious hyperlinks that bypass security software appeared first on TechRepublic.

Software 164

Stalkerware-type detections hit record high in 2021, but fell in second half

Malwarebytes

After having tracked stalkerware for years, Malwarebytes can reveal that in 2021, detections for apps that can non-consensually monitor another person’s activity reached their highest peak ever, but that, amidst the record-setting numbers, the volume of detections actually began to significantly decrease in the second half of the year. This decrease in stalkerware-type activity never reached the lower levels in 2019 that Malwarebytes recorded before the start of the global coronavirus pand

Spyware 138

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

More than 40% of SMBs surveyed have been hit with a cybersecurity breach

Tech Republic Security

Malware, phishing attacks and data breaches are the most common threats for small and medium-sized businesses, says a survey from Intuit QuickBooks. The post More than 40% of SMBs surveyed have been hit with a cybersecurity breach appeared first on TechRepublic.

Windows 11 tool to add Google Play secretly installed malware

Bleeping Computer

A popular Windows 11 ToolBox script used to add the Google Play Store to the Android Subsystem has secretly infected users with malicious scripts, Chrome extensions, and potentially other malware. [...]

Malware 141

Zloader, another botnet, bites the dust

Malwarebytes

Microsoft has announced that its Digital Crimes Unit (DCU) has taken legal and technical action to disrupt a malicious botnet called Zloader. Zloader or Zbot are common names used to refer to any malware related to the ZeuS family. There are a lot of those because the ZeuS banking Trojan source code was leaked in 2011, and so there’s been plenty of time for several new variants to emerge.

Backups 129

Research reveals that IAM is too often permissive and misconfigured

Tech Republic Security

New research highlights IAM security issues that could be reduced or solved with proper measures. Learn how to effectively configure IAM for better cloud infrastructure security. The post Research reveals that IAM is too often permissive and misconfigured appeared first on TechRepublic.

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Wind turbine firm Nordex hit by Conti ransomware attack

Bleeping Computer

The Conti ransomware operation has claimed responsibility for a cyberattack on wind turbine giant Nordex, which was forced to shut down IT systems and remote access to the managed turbines earlier this month. [...]

Consumers have dwindling trust in companies to keep user information safe

Tech Republic Security

Almost half of customers say they would discontinue using a service if a cyberattack happens to an organization. The post Consumers have dwindling trust in companies to keep user information safe appeared first on TechRepublic.

What is the cyber kill chain? A model for tracing cyberattacks

CSO Magazine

As an infosec professional, you’ve likely heard about using a cyber kill chain to help identify and prevent intrusions. Attackers are evolving their methods, which might require that you look at the cyber kill chain differently. What follows is an explanation of the cyber kill chain and how you might employ it in your environment. Cyber kill chain definition.

InfoSec 128

New Fodcha DDoS Malware Targets More than 100 Victims Daily

Heimdal Security

A rapidly expanding malware is entrapping routers, DVRs, and servers all over the web in order to launch Distributed Denial-of-Service (DDoS) attacks on over 100 victims every day. CNCERT and Qihoo 360’s Network Security Research Lab (360 Netlab) worked together and found this botnet they dubbed Fodcha. According to a report by 360 Netlab, between […].

DDOS 123

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things – and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.

Rare and dangerous Incontroller malware targets ICS operations

CSO Magazine

In the second major industrial control system (ICS) threat development this week, the U.S. Department of Energy (DOE), the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) issued a Cybersecurity Advisory (CSA) warning of a complex and dangerous ICS threat. The CSA says that specific unnamed advanced persistent threat (APT) actors have exhibited the capability to gain complete system access to multiple ICS a

Malware 125

Tighten your home security with this affordable video doorbell

Tech Republic Security

Remote work has become the norm for many people, resulting in more interest in home security devices. Don’t miss this Door-Ringer Package Deal. The post Tighten your home security with this affordable video doorbell appeared first on TechRepublic.

Hospital Robots Have Been Found to Have Critical Vulnerabilities

Heimdal Security

Five serious vulnerabilities in hospital robots that served for the transportation of medical supplies have been patched by vendor Aethon. Vulnerabilities Found in Hospital Robots: More Details As recently reported in Cynerio’s public report of Jekyllbot:5, five significant zero-day vulnerabilities in Aethon TUG robots and medical equipment can fall short of adequate security safeguards.

Kyndryl rolls out Dell partnership for disaster recovery and security

CSO Magazine

A new system recovery offering from former IBM division and current managed infrastructure service provider Kyndryl incorporates air-gapped data vaulting technology from Dell for faster recovery from major cybersecurity incidents like ransomware attacks. The Cyber Incident Recovery service is a four-part system, says Kyndryl global security and resiliency practice leader Kris Lovejoy.

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.

Google Chrome emergency update fixes zero-day used in attacks

Bleeping Computer

Google has released Chrome 100.0.4896.127 for Windows, Mac, and Linux, to fix a high-severity zero-day vulnerability actively used by threat actors in attacks. [...]

RemcosRAT Malware Is Targeting African Banks

Heimdal Security

Remcos is a Remote Access Software that allows you to operate computers from a distance. Remcos creates a backdoor on the computer, allowing the remote user complete access to the machine. This RAT can be used for a variety of reasons, including surveillance and penetration testing, and has even been employed in hacking campaigns in […]. The post RemcosRAT Malware Is Targeting African Banks appeared first on Heimdal Security Blog.

Banking 113

“Your AppIe lD has been locked” spam email takes you on a website mystery tour

Malwarebytes

Spam which claims your account has been locked out and needs to be fixed is common. They drive people to phishing campaigns on a daily basis. The mail below follows the same pattern with one key difference. It looks like a phish, but goes somewhere else entirely. No, your Apple ID has not been locked. The mail claims to be from Apple, and is titled.

Phishing 112

Critical Windows RPC CVE-2022-26809 flaw raises concerns — Patch now

Bleeping Computer

Microsoft has fixed a new Windows RPC CVE-2022-26809 vulnerability that is raising concerns among security researchers due to its potential for widespread, significant cyberattacks once an exploit is developed. Therefore, all organizations need to apply Windows security updates as soon as possible. [...]

ERM Program Fundamentals for Success in the Banking Industry

Speaker: William Hord, Senior VP of Risk & Professional Services

Enterprise Risk Management (ERM) is critical for industry growth in today’s fast-paced and ever-changing risk landscape. When building your ERM program foundation, you need to answer questions like: Do we have robust board and management support? Do we understand and articulate our bank’s risk appetite and how that impacts our business units? How are we measuring and rating our risk impact, likelihood, and controls to mitigate our risk?

Filing your taxes? Be wary of help found through search engines

Malwarebytes

The deadline for filing your taxes in the US is nearly upon us. April 18 is the very last date that you can afford to hand your tax returns in to the IRS. People will naturally gravitate toward all manner of filing tools to get the job done. But it’s worth noting that sites are lurking in search engine results to potentially make it harder to file, not easier.

US Government warns of new malware attacks on ICS/SCADA systems

The State of Security

Agencies of the US Government have issued a joint warning that hackers have revealed their capability to gain full system access to industrial control systems that might help enemy states sabotage critical infrastructure. In a joint cybersecurity advisory issued by the Department of Energy, the Cybersecurity and Infrastructure Security Agency (CISA), the NSA, and the […]… Read More.

FBI links largest crypto hack ever to North Korean hackers

Bleeping Computer

The Treasury Department's Office of Foreign Assets Control (OFAC) has sanctioned the address that received the cryptocurrency stolen in the largest cryptocurrency hack ever, the hack of Axie Infinity's Ronin network bridge. [...]

Hacking 133

US gov agencies and private firms warn nation-state actors are targeting ICS & SCADA devices

Security Affairs

The US government agencies warned of threat actors that are targeting ICS and SCADA systems from various vendors. The Department of Energy (DOE), the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) published a joint Cybersecurity Advisory (CSA) to warn of offensive capabilities developed by APT actors that could allow them to compromise multiple industrial control system (ICS)/supervisory control and data

Passwords 115

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

So, you’ve accomplished an organization-wide SaaS adoption. It started slow, and now just a few team members might be responsible for running Salesforce, Slack, and a few other applications that boost productivity, but it’s all finished. Or is it? Through all the benefits offered by SaaS applications, it’s still a necessity to onboard providers as quickly as possible.