Fri. Apr 01, 2022

Bypassing Two-Factor Authentication

Schneier on Security

These techniques are not new, but they’re increasingly popular: …some forms of MFA are stronger than others, and recent events show that these weaker forms aren’t much of a hurdle for some hackers to clear. In the past few months, suspected script kiddies like the Lapsus$ data extortion gang and elite Russian-state threat actors (like Cozy Bear, the group behind the SolarWinds hack) have both successfully defeated the protection. […].

Weekly Update 289

Troy Hunt

Everyone just came for the Ubiquiti discussion, right? This is such a tricky one; if their products sucked we could all just forget about them and go on with our day. But they don't suck - they're awesome - and that makes it hard to fathom how a company that makes such great gear is responding this way to such a well-respected journo. I spend most of this week's video talking about this and perhaps what surprised me most, is even after that discussion there's a bunch of peopl

“Browser in the Browser” attacks: A devastating new phishing technique arises

Tech Republic Security

A phishing technique called Browser in the Browser (BITB) has emerged, and it’s already aiming at government entities, including Ukraine. Find out how to protect against this new threat. The post “Browser in the Browser” attacks: A devastating new phishing technique arises appeared first on TechRepublic.

How Much Does a Data Breach Cost?

Security Boulevard

According to IBM's Annual Cost of a Data Breach Report 2021, the average cost of a data breach is around $4.24 million. In the United States and Canada, it's even higher. So what makes data breaches so costly, are business leaders aware of the risks, and what can be done to prevent breaches? The post How Much Does a Data Breach Cost? appeared first on Security Boulevard.

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Ransomware attacks are on the rise, who is being affected?

Tech Republic Security

A report from NCC Group profiles the industries plagued by ransomware as well as the most active hacking groups in February. The post Ransomware attacks are on the rise, who is being affected? appeared first on TechRepublic.

Critical GitLab vulnerability lets attackers take over accounts

Bleeping Computer

GitLab has addressed a critical severity vulnerability that could allow remote attackers to take over user accounts using hardcoded passwords. [.].

More Trending

Privilege Elevation and Delegation Management Explained: Definition, Benefits and More

Heimdal Security

A game-changer in the PAM market, PEDM is now on everybody’s lips when talking about more efficient methods to mitigate cybersec risk by properly controlling privileged permissions. Featuring three essential elements: appropriate privileges for appropriate users just at the appropriate time, PEDM dramatically improves your cybersec posture. Read on to gain more knowledge surrounding this […].

Phishing attacks exploit free calendar app to steal account credentials

Tech Republic Security

A credential harvesting campaign spotted by INKY at the end of February tried to lure its victims to Calendly, a legitimate and free online calendar app. The post Phishing attacks exploit free calendar app to steal account credentials appeared first on TechRepublic.

Google Opens new Ad-Targeting API—Topics, ‘Privacy Sandbox’ and FLEDGE

Security Boulevard

Cookies are dead—or, at least, their days are numbered. Instead, Google wants to shape the future of targeted advertising. The post Google Opens new Ad-Targeting API—Topics, ‘Privacy Sandbox’ and FLEDGE appeared first on Security Boulevard.

Get a CompTIA cybersecurity education online for an in-demand career

Tech Republic Security

Have you been considering a change of careers? Or would you just like to learn more about cybersecurity? Here's your chance while it's on sale for $49. The post Get a CompTIA cybersecurity education online for an in-demand career appeared first on TechRepublic.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Trend Micro fixes actively exploited remote code execution bug

Bleeping Computer

Japanese cybersecurity software firm Trend Micro has patched a high severity security flaw in the Apex Central product management console that can let attackers execute arbitrary code remotely. [.].

Spring4Shell: Spring Remote Code Execution Vulnerability

Security Boulevard

Spring unauthenticated RCE via classLoader manipulation. Photo by Emile Perron on Unsplash. A critical zero-day vulnerability in the Spring framework was recently reported to Spring’s maintainer, VMWare. The vulnerability is an unauthenticated remote code execution vulnerability that affects Spring MVC and Spring WebFlux applications. You can find the CVE here: [link].

Chinese Hackers Target VMware Horizon Servers with Log4Shell to Deploy Rootkit

The Hacker News

A Chinese advanced persistent threat tracked as Deep Panda has been observed exploiting the Log4Shell vulnerability in VMware Horizon servers to deploy a backdoor and a novel rootkit on infected machines with the goal of stealing sensitive data.

AcidRain, a wiper that crippled routers and modems in Europe

Security Affairs

Researchers spotted a new destructive wiper, tracked as AcidRain, that is likely linked to the recent attack against Viasat. Security researchers at SentinelLabs have spotted a previously undetected destructive wiper, tracked as AcidRain, that hit routers and modems and that was suspected to be linked to the Viasat KA-SAT attack that took place on February 24th, 2022.

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

New UAC-0056 activity: There’s a Go Elephant in the room

Malwarebytes

This blog post was authored by Ankur Saini, Roberto Santos and Hossein Jazi. UAC-0056 also known as SaintBear, UNC2589 and TA471 is a cyber espionage actor that has been active since early 2021 and has mainly targeted Ukraine and Georgia. The group is known to have performed a wiper attack in January 2022 on multiple Ukrainian government computers and websites.

Deep Panda Hacking Group Is Targeting VMware Horizon Servers

Heimdal Security

In addition to the government, military, banking, and telecommunications sectors, Deep Panda is a suspected Chinese threat organization that has been known to target a wide range of businesses. Deep Panda is being held responsible for the infiltration into Anthem, a healthcare corporation. Shell Crew, WebMasters, KungFu Kittens, and PinkPanther are some of the other […].

Cybersecurity survival tips for small businesses: 2022 edition

We Live Security

How can businesses that lack the resources and technological expertise of large organizations hold the line against cybercriminals? The post Cybersecurity survival tips for small businesses: 2022 edition appeared first on WeLiveSecurity.

What are the Implications of the SEC Regulating Your Cyber Risk Reporting?

Security Boulevard

What’s the news? Last month, the Securities and Exchange Commission proposed rules and amendments to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies (The SEC has opened a comment period until May 9th, 2022 before it moves towards a final decision). The potential change is a great ….

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Exiger launches data-agnostic supply chain risk platform

CSO Magazine

New York-based risk management company Exiger this week launched a new supply chain risk monitoring service, designed to incorporate a wide and customizable array of data sources into its calculations. The company’s Supply Chain Explorer is a fully as-a-service offering – users don’t have to host it in their data centers or run it on a dedicated appliance.

Viasat’s Satellite Modems Wiped

Heimdal Security

In the field of computer security, a wiper is a kind of malware that is designed to erase (wipe) the hard drive of the computer that it infects, therefore intentionally erasing data and applications on the infected machine. What Happened? A newly found data wiper virus that wipes routers and modems was used in the […]. The post Viasat’s Satellite Modems Wiped appeared first on Heimdal Security Blog.

Don’t Be Confused By the Acronyms: CWPP, CSPM & CIEM

Security Boulevard

Speedy innovation and disruptions to traditional business has created the potential for extraordinary value in the tech world. However, moving too […]. The post Don’t Be Confused By the Acronyms: CWPP, CSPM & CIEM appeared first on Sonrai Security. The post Don’t Be Confused By the Acronyms: CWPP, CSPM & CIEM appeared first on Security Boulevard.

Upstart crime site woos Raid Forums orphans

CSO Magazine

A new crime site for hackers is positioning itself as an alternative to Raid Forums, a popular watering hole for threat actors before it was mysteriously taken down in February. The new site, Breach Forums, was launched by an old Raid Forum hand who goes by the handle "pompompurin," according to a blog post this week by Flashpoint, a threat intelligence company.

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

CISA Cautions of Attacks on UPS Devices

Hacker Combat

The Energy Department and the US Cybersecurity and Infrastructure Security Agency (CISA) published guidelines this week on preventing attacks on UPS units. Threat actors are targeting UPS units that are linked to the net, typically using the original login authorizations, and the two government agencies advise disabling the access to the net by the information system of these units immediately.

Cyber Threat warning issued to all internet connected UPS devices

CyberSecurity Insiders

United States CISA has issued a cyber threat warning to all web connected UPS devices as they were on the verge of being cyber attacked. The alert was issued on a joint note by the Department of Energy and FBI and urges all critical facilities to review the security of their power back up solutions to the core. UPS Devices are emergency power backup solutions that offer electric power help in the time of emergency to hospitals, industries, data centers and utilities.

Ukraine, Conti, and the law of unintended consequences

CSO Magazine

The Russian invasion of Ukraine has demonstrated the law of unintended consequences in a most unexpected way. By publicly backing the invasion, the heretofore most prolific ransomware group in the world inspired a backlash that appears to have temporarily crippled the group’s ability to operate and given unprecedented insight into the world of ransomware operators.

Critical alert – Spring4Shell RCE (CVE-2022-22965 in Spring)

Acunetix

On March 31, 2022, a serious zero-day vulnerability was discovered in the Spring framework core, which is an open-source framework for building enterprise Java applications. The vulnerability, dubbed Spring4Shell (similar to Log4Shell) or Springshell, was identified as CVE-2022-22965 (at the time of writing, not yet. Read more. The post Critical alert – Spring4Shell RCE (CVE-2022-22965 in Spring) appeared first on Acunetix.

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

JupyterLab’s Web Notebooks Hit Clipped Emergent Python-based Ransomware Strain

Heimdal Security

Aqua’s security assessment team has recently announced the discovery of a new type of ransomware. The yet-to-be-named malware uses Python-based scripting for malicious file encryption and subsequent obfuscation. Telemetry indicates that the emergent Python-based ransomware strain may have originated in Russia and that it was specifically engineered to target and ransom out JupyterLab Web notebooks. […].

Zyxel fixes a critical bug in its business firewall and VPN devices

Security Affairs

Zyxel issued security updates for a critical vulnerability that affects some of its business firewall and VPN devices. Networking equipment vendor Zyxel has pushed security updates for a critical flaw, tracked as CVE-2022-0342 (CVSS 9.8), that affects some of its business firewall and VPN products. The vulnerability can be exploited to take control of the devices. “Zyxel has released patches for products affected by the authentication bypass vulnerability.

Microsoft now lets you enable the Windows App Installer again, here's how

Bleeping Computer

Microsoft now allows enterprise admins to re-enable the MSIX ms-appinstaller protocol handler disabled after Emotet abused it to deliver malicious Windows App Installer packages. [.].

Cybersecurity News Round-Up: Week of March 28, 2022

Security Boulevard

Lapsus$ strikes again, one of the largest crypto hacks in history went down last week, hackers are trying to breach health plans and specialty clinics and cyber criminals are keeping the FBI very active. The post Cybersecurity News Round-Up: Week of March 28, 2022 appeared first on Security Boulevard.

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.