Thu, Dec 15, 2022


Combined SOC Webinar Q&A: From EDR to ITDR and ASO … and ChatGPT

Anton on Security

In recent weeks, I did two fun webinars related to Security Operations, and there was a lot of fun Q&A. The questions below are sometimes slightly edited for clarity, typos, etc. For extra fun, I had ChatGPT answer some of them, to see if it can replace me :-) So, first, ISACA webinar “Modernize Your SOC for the Future” focused on our Autonomic Security Operations vision.


A Security Vulnerability in the KmsdBot Botnet

Schneier on Security

Security researchers found a software bug in the KmsdBot cryptomining botnet: with no error-checking built in, sending KmsdBot a malformed command (as its controllers did one day while Akamai was watching) triggered a panic crash with an “index out of range” error. Because there’s no persistence, the bot stays down, and the operators would need to reinfect a machine and rebuild the bot’s functions.
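As an added illustration (not KmsdBot’s source, which the page does not reproduce), the toy Go command handler below shows the failure mode Akamai describes: a positional parser with no arity check panics on a truncated command and takes the whole process down, while the hardened variant validates the message and returns an error instead. The `attack <target> <port> <seconds>` grammar and the field names are assumptions made for the example.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// Attack is the parsed form of one (assumed) C2 command:
//   attack <target> <port> <seconds>
type Attack struct {
	Target  string
	Port    int
	Seconds int
}

// parseUnchecked mirrors the bug class in the write-up: the command is
// split on whitespace and indexed positionally with no length check, so a
// truncated message such as "attack 10.0.0.1" indexes past the end of the
// slice and the Go runtime panics with "index out of range".
func parseUnchecked(cmd string) Attack {
	f := strings.Fields(cmd)
	port, _ := strconv.Atoi(f[2]) // panics when len(f) < 3
	secs, _ := strconv.Atoi(f[3])
	return Attack{Target: f[1], Port: port, Seconds: secs}
}

// parseChecked is the hardened form: check arity and each field, and hand
// back an error rather than letting one bad message kill the process.
func parseChecked(cmd string) (Attack, error) {
	f := strings.Fields(cmd)
	if len(f) != 4 || f[0] != "attack" {
		return Attack{}, fmt.Errorf("malformed command %q: want \"attack <target> <port> <seconds>\"", cmd)
	}
	port, err := strconv.Atoi(f[2])
	if err != nil || port < 1 || port > 65535 {
		return Attack{}, fmt.Errorf("bad port %q", f[2])
	}
	secs, err := strconv.Atoi(f[3])
	if err != nil || secs <= 0 {
		return Attack{}, fmt.Errorf("bad duration %q", f[3])
	}
	return Attack{Target: f[1], Port: port, Seconds: secs}, nil
}

// handleUnchecked runs the unchecked parser but converts the resulting
// panic into an error so the demonstration itself survives; a real bot
// without this recover() simply dies, which is what Akamai observed.
func handleUnchecked(cmd string) (a Attack, err error) {
	defer func() {
		if r := recover(); r != nil {
			err = fmt.Errorf("bot crashed: %v", r)
		}
	}()
	return parseUnchecked(cmd), nil
}

func main() {
	for _, c := range []string{"attack 10.0.0.1 8080 60", "attack 10.0.0.1"} {
		a, err := handleUnchecked(c)
		fmt.Printf("unchecked %-26q -> %+v err=%v\n", c, a, err)
		a, err = parseChecked(c)
		fmt.Printf("checked   %-26q -> %+v err=%v\n", c, a, err)
	}
}
```

The second command in `main` is the one-line equivalent of the malformed message that took the botnet down: with `parseUnchecked` it produces `runtime error: index out of range [2] with length 2`, with `parseChecked` it is rejected and the loop continues.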


Security alert: Use these most popular passwords at your peril

Tech Republic Security

Yes, there’s a good chance “123456” is the code to the restroom at your local Starbucks, but it is also the second most popular password worldwide, according to a new study by password manager NordPass. That can’t be good.


ChatGPT: A Brave New World for Cybersecurity

eSecurity Planet

Released on November 30, ChatGPT has instantly become a viral online sensation. In a week, the app gained more than one million users. Unlike most other AI research projects, ChatGPT has captivated the interest of ordinary people who do not have PhDs in data science. They can type in queries and get human-like responses. The answers are often succinct.


The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.


LEGO BrickLink bugs let hackers hijack accounts, breach servers

Bleeping Computer

Security analysts have discovered two API security vulnerabilities in BrickLink.com, LEGO Group's official second-hand and vintage marketplace for LEGO bricks. […]


Dozens of cybersecurity efforts included in this year’s US NDAA

CSO Magazine

Last week, members of the US House of Representatives and Senate reconciled their versions of the annual must-pass National Defense Authorization Act (NDAA). Each year the NDAA contains a wealth of primarily military cybersecurity provisions, delivering hundreds of millions, if not billions, in new cybersecurity funding to the federal government. This year’s bill is no exception.


Mozilla Fixes Firefox Vulnerabilities That Could Have Led to System Takeover

Heimdal Security

Multiple high-impact vulnerabilities affecting Thunderbird, Firefox ESR, and Firefox were fixed by updates from Mozilla. The bugs might have given arbitrary code execution if they were successfully exploited. The US Cybersecurity and Infrastructure Security Agency (CISA) advises users and admins to patch the identified vulnerabilities and upgrade their systems.


CrowdStrike Adds Attack Surface Management Module

Security Boulevard

Following its acquisition of Reposify earlier this year, CrowdStrike today added external attack surface management (EASM) technology to the CrowdStrike Falcon platform. CrowdStrike CTO Michael Sentonas said CrowdStrike Falcon Surface will initially be made available as a standalone module before EASM capabilities are more deeply embedded in the company’s core cybersecurity platform.


Social Blade confirms breach after hacker posts stolen user data

Bleeping Computer

Social media analytics platform Social Blade has confirmed it suffered a data breach after its database was breached and put up for sale on a hacking forum. […]


FDA, MDIC and MITRE Publish Medical Device Threat Modeling Playbook

Security Boulevard

Modern medical devices are complex, networked and often vulnerable to attack. With that in mind, the U.S. Food and Drug Administration (FDA) has funded the development of a playbook for threat modeling by the Medical Device Innovation Consortium (MDIC) and MITRE. The playbook is designed to help health care organizations and medical device manufacturers identify.


IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.


Operation Power Off: 50 DDoS-services taken offline in international crackdown

Graham Cluley

Law enforcement agencies in the United States, UK, Netherlands, Poland, and Germany have brought down the most popular DDoS-for-hire services on the internet, responsible for tens of millions of attacks against websites. Read more in my article on the Tripwire State of Security blog.


Hackers Use SVG Files to Spread QBot Malware onto Windows Systems

Heimdal Security

A new technique for spreading QBot malware has gained popularity among attackers: they now distribute it through SVG files used for HTML smuggling, which generates the malicious Windows installer locally on the victim’s machine. In this attack, the target’s browser is tricked into reassembling and downloading a Base64-encoded version of the QBot installer hidden within an SVG […]
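The following Go program is an added example, not code from Heimdal or from the campaign, of how a mail gateway or EDR could triage an SVG attachment for the smuggling pattern described above: it pulls the text of every `<script>` element out of the XML (CDATA included), looks for the browser APIs a smuggling script needs to turn a string into a file download (`atob`, `Blob`, `URL.createObjectURL`, a `download` attribute and a synthetic click), and looks for a long base64 run that decodes cleanly, recording the decoded size and any `MZ`/`PK` header. The sample SVG is constructed and harmless (its “payload” is the bytes `MZ` followed by zeros, not a real installer); the 200-character base64 threshold and the API list are assumptions for the example, and the file name `update.exe` is invented.

```go
package main

import (
	"encoding/base64"
	"encoding/xml"
	"fmt"
	"io"
	"regexp"
	"strings"
)

// Finding summarises why an SVG looks like an HTML-smuggling carrier.
type Finding struct {
	ScriptBlocks  int      // <script> elements found in the SVG
	SmugglingAPIs []string // download-related browser APIs seen in script text
	PayloadBytes  int      // size of the largest base64 blob that decodes cleanly
	PayloadMagic  string   // "MZ", "PK" or "" for that blob
	Suspicious    bool
}

var (
	apiNames = []string{"atob", "Blob", "createObjectURL", "download", "msSaveOrOpenBlob", "click()"} // assumed list
	b64Run   = regexp.MustCompile(`[A-Za-z0-9+/]{200,}={0,2}`)                                   // 200 is an arbitrary floor
)

// scriptText walks the XML token stream and returns the text of every
// <script> element; CDATA sections are delivered as xml.CharData as well.
func scriptText(svg string) ([]string, error) {
	dec := xml.NewDecoder(strings.NewReader(svg))
	var out []string
	var cur strings.Builder
	depth := 0
	for {
		tok, err := dec.Token()
		if err == io.EOF {
			return out, nil
		} else if err != nil {
			return nil, err
		}
		switch t := tok.(type) {
		case xml.StartElement:
			if t.Name.Local == "script" {
				depth++
			}
		case xml.EndElement:
			if t.Name.Local == "script" && depth > 0 {
				if depth--; depth == 0 {
					out = append(out, cur.String())
					cur.Reset()
				}
			}
		case xml.CharData:
			if depth > 0 {
				cur.Write(t)
			}
		}
	}
}

// Inspect flags an SVG whose script both uses download APIs and carries a
// large base64 blob that decodes without error.
func Inspect(svg string) (Finding, error) {
	scripts, err := scriptText(svg)
	if err != nil {
		return Finding{}, err
	}
	all := strings.Join(scripts, "\n")
	f := Finding{ScriptBlocks: len(scripts)}
	for _, api := range apiNames {
		if strings.Contains(all, api) {
			f.SmugglingAPIs = append(f.SmugglingAPIs, api)
		}
	}
	for _, run := range b64Run.FindAllString(all, -1) {
		raw, err := base64.StdEncoding.DecodeString(run)
		if err == nil && len(raw) > f.PayloadBytes {
			f.PayloadBytes, f.PayloadMagic = len(raw), ""
			if len(raw) >= 2 && (string(raw[:2]) == "MZ" || string(raw[:2]) == "PK") {
				f.PayloadMagic = string(raw[:2]) // PE or ZIP header after decoding
			}
		}
	}
	f.Suspicious = len(f.SmugglingAPIs) >= 2 && f.PayloadBytes > 0
	return f, nil
}

// SampleSVG is constructed and harmless: the "payload" is "MZ" plus 200 zero bytes.
var SampleSVG = `<svg xmlns="http://www.w3.org/2000/svg"><script><![CDATA[
var b = "` + base64.StdEncoding.EncodeToString(append([]byte("MZ"), make([]byte, 200)...)) + `";
var a = document.createElement("a");
a.href = URL.createObjectURL(new Blob([Uint8Array.from(atob(b), c => c.charCodeAt(0))]));
a.download = "update.exe"; a.click();
]]></script></svg>`

// BenignSVG has a script but nothing to smuggle.
const BenignSVG = `<svg xmlns="http://www.w3.org/2000/svg"><script>console.log("hi")</script><circle r="4"/></svg>`

func main() {
	for _, svg := range []string{SampleSVG, BenignSVG} {
		f, err := Inspect(svg)
		fmt.Printf("%+v err=%v\n", f, err)
	}
}
```

Requiring both signals (download APIs and a decodable blob) keeps ordinary interactive SVGs, which often contain small scripts, from being flagged; a production rule would add the rest of the chain the article alludes to (the SVG arriving as an email attachment or inside an HTML attachment) as further context.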


Agenda Ransomware Uses Rust to Target More Vital Industries

Trend Micro

This year, various ransomware-as-a-service groups have developed versions of their ransomware in Rust, including Agenda. Agenda's Rust variant has targeted vital industries like its Go counterpart. In this blog, we will discuss how the Rust variant works.


Hackers Bombard Open Source Repositories with Over 144,000 Malicious Packages

The Hacker News

NuGet, PyPi, and npm ecosystems are the target of a new campaign that has resulted in over 144,000 packages being published by unknown threat actors. "The packages were part of a new attack vector, with attackers spamming the open-source ecosystem with packages containing links to phishing campaigns," researchers from Checkmarx and Illustria said in a report published Wednesday.


Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.


API Flaws in Lego Marketplace Put User Accounts, Data at Risk

Dark Reading

Attackers also could breach internal production data to compromise a corporate network using vulnerabilities found in the BrickLink online platform.


GAO warns government agencies: focus on IoT and OT within critical infrastructure

CSO Magazine

The US Government Accountability Office (GAO) continues to highlight shortcomings in the cybersecurity posture of government entities responsible for the protection of United States infrastructure when it comes to internet of things (IoT) and operational technology (OT) devices and systems. In a recent report, the GAO shone a light on the Departments of Energy, Health and Human Services, Homeland Security, and Transportation.


Microsoft revised CVE-2022-37958 severity due to its broader scope

Security Affairs

Microsoft has revised the severity rating of CVE-2022-37958, a flaw addressed in the September 2022 Patch Tuesday security updates; the IT giant now rates it “critical” after discovering that threat actors can exploit the bug to achieve remote code execution.


Phishing attack uses Facebook posts to evade email security

Bleeping Computer

A new phishing campaign uses Facebook posts as part of its attack chain to trick users into giving away their account credentials and personally identifiable information (PII). […]


Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.


The Week in Security: Wiper malware rains down on 2022, Microsoft certificates abused

Security Boulevard

Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond. This week: twelve malware wipers have been discovered in 2022. Also: the Cuba ransomware gang abused Microsoft certificates to sign malware.


Goodbye SHA-1: NIST Retires 27-Year-Old Widely Used Cryptographic Algorithm

The Hacker News

The U.S. National Institute of Standards and Technology (NIST), an agency within the Department of Commerce, announced Thursday that it's formally retiring the SHA-1 cryptographic algorithm. SHA-1, short for Secure Hash Algorithm 1, is a 27-year-old hash function used in cryptography and has since been deemed broken owing to the risk of collision attacks.


Video: Modernizing Phoenix’s Cybersecurity to Combat Nation-State Attacks

Security Boulevard

Shannon Lawson, CISO for the City of Phoenix, and Geoffrey Coulehan, Head of Sales for MixMode, recently joined forces for a fireside chat at the Evanta CISO Summit in Phoenix, AZ. Lawson and Coulehan have been partnering together for almost three years to transform the City’s cybersecurity initiatives and Security Operations Center (SOC).


Microsoft Exchange ProxyNotShell vulnerability explained and how to mitigate it

CSO Magazine

Last year, two high severity, easily exploitable Microsoft Exchange vulnerabilities dubbed ProxyLogon and ProxyShell made waves in the infosec sphere. Nearly a year later, Exchange Server admins are met with another threat: ProxyNotShell, which in fact is a vulnerability chain comprising two actively exploited flaws: CVE-2022-41040 is a server-side request forgery (SSRF) vulnerability that an authenticated attacker can exploit for privilege escalation.


5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.


The state of Identity Security: Widespread attacks, wasted investment and identity sprawl

IT Security Guru

Identity management is in dire straits, according to a recently conducted survey by identity security firm One Identity. Surveying over 1,000 IT security professionals, the results showed that 96 percent of companies report using multiple identity management tools, with 41 percent deploying at least 25 different systems to manage access rights. However, 70 percent of companies reported they’re paying for identity tools they’re not actively using.


GitHub to require all users to enable 2FA by the end of 2023

Bleeping Computer

GitHub will require all users who contribute code on the platform to enable two-factor authentication (2FA) as an additional protection measure on their accounts by the end of 2023. […]


Microsoft Reclassifies SPNEGO Extended Negotiation Security Vulnerability as 'Critical'

The Hacker News

Microsoft has revised the severity of a security vulnerability it originally patched in September 2022, upgrading it to "Critical" after it emerged that it could be exploited to achieve remote code execution. Tracked as CVE-2022-37958 (CVSS score: 8.1), the flaw was previously described as an information disclosure vulnerability in SPNEGO Extended Negotiation (NEGOEX) Security Mechanism.


How To Keep Your Business Running Smoothly

SecureBlitz

Here, I will show you how to keep your business running smoothly. If you want to be sure to maintain the progress you’ve made in your company and keep things running smoothly, there are different tools and techniques that can make a difference. A successful business is a combination of a lot of things, ranging […]


Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?


GitHub rolls out free secret scanning for all public repositories

Bleeping Computer

GitHub is rolling out support for the free scanning of exposed secrets (such as credentials and auth tokens) to all public repositories on its code hosting platform. […]


Uber data stolen via third-party vendor

Malwarebytes

Uber is facing a new cybersecurity incident after threat actors stole some of its data from Teqtivity, a third-party vendor that provides asset management and tracking services. "We are aware of customer data that was compromised due to unauthorized access to our systems by a malicious third party," said Teqtivity in a statement. "The third party was able to gain access to our AWS backup server that housed Teqtivity code and data files related to Teqtivity customers."


How Gcore uses regular expressions to block DDoS attacks

Bleeping Computer

For DDoS protection, Gcore combines XDP with regular expressions (regex). This article explains why Gcore adopted this approach (regex evaluated in XDP) and how the two were bound together via a third-party engine and API development. […]


LockBit Ransomware 101: Here’s What You Need to Know

Heimdal Security

LockBit ransomware is malicious software designed for one thing: locking up the user’s computer in exchange for a ransom. LockBit will automatically vet targets and encrypt all the files accessible on your computer if you don’t pay the ransom. LockBit ransomware attacks are self-piloted and have made a name for […]


From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things – and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.