Wed. May 04, 2022

New Sophisticated Malware

Schneier on Security

Mandiant is reporting on a new botnet. The group, which security firm Mandiant is calling UNC3524, has spent the past 18 months burrowing into victims’ networks with unusual stealth. In cases where the group is ejected, it wastes no time reinfecting the victim environment and picking up where things left off. There are many keys to its stealth, including: The use of a unique backdoor Mandiant calls Quietexit, which runs on load balancers, wireless access point controllers, and other types

Malware 250

How to install the NordLayer VPN client on Linux and connect it to a virtual network

Tech Republic Security

If you're looking to employ a solid VPN service for remote workers, NordLayer VPN is an outstanding option. Find out how to install and use the client on both Ubuntu Desktop and Fedora 36. The post How to install the NordLayer VPN client on Linux and connect it to a virtual network appeared first on TechRepublic.

VPN 147

F5 warns of critical BIG-IP RCE bug allowing device takeover

Bleeping Computer

F5 has issued a security advisory warning about a flaw that may allow unauthenticated attackers with network access to execute arbitrary system commands, perform file actions, and disable services on BIG-IP. [...]

Phishers taking advantage of Gmail’s SMTP relay service to impersonate brands

Tech Republic Security

Since April 2022 phishing emails have been sent to Gmail users from legitimate addresses, making it hard to tell spam from legitimate sources. The post Phishers taking advantage of Gmail’s SMTP relay service to impersonate brands appeared first on TechRepublic.

Phishing 142

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Unstructured Data and What it Means for GDPR Compliance

Security Boulevard

Back on May 25, 2018, the European Union’s General Data Protection Regulation (GDPR) came into effect, meaning all organizations that offer goods or services to European Union residents, or collect consumer data within the region, are now required to comply with the regulation. The post Unstructured Data and What it Means for GDPR Compliance appeared first on Security Boulevard.

Auth0 vs Okta: Compare IAM software

Tech Republic Security

Auth0 and Okta are identity and access management software solutions, but which one should you choose? Dive into the specifics with this IAM tools feature comparison guide. The post Auth0 vs Okta: Compare IAM software appeared first on TechRepublic.

Software 143

More Trending

Security and compliance rank as the top challenges for deploying cloud-native apps

Tech Republic Security

Cloud-native applications are growing in popularity but can present issues related to security, compliance and observability, says Tigera. The post Security and compliance rank as the top challenges for deploying cloud-native apps appeared first on TechRepublic.

GitHub to require 2FA from active developers by the end of 2023

Bleeping Computer

GitHub announced today that all users who contribute code on its platform (an estimated 83 million developers in total) will be required to enable two-factor authentication (2FA) on their accounts by the end of 2023. [...]

Auth0 vs JumpCloud: Compare identity and access management software

Tech Republic Security

Auth0 and JumpCloud are two popular identity and access management software solutions. How do these IAM solutions compare, and which one is right for your business? The post Auth0 vs JumpCloud: Compare identity and access management software appeared first on TechRepublic.

Software 120

BrandPost: SD-WAN and Cybersecurity: Two Sides of the Same Coin

CSO Magazine

Software-defined wide area networking, or SD-WAN, is the next frontier for the network edge. Multiple analysts report that the SD-WAN market is in the billions of dollars, with an annual growth rate in the 25% to 35% range. Managed service providers and carriers globally are increasingly deploying managed SD-WAN services to reach new markets. Almost all networking and security vendors have SD-WAN offerings, complicating the decision when choosing an SD-WAN solution.

Marketing 117

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Mozilla privacy survey finds mental health and prayer apps fail privacy test pretty spectacularly

Tech Republic Security

Better Stop Suicide, Pray.com and Talkspace are the worst offenders among the 32 mental health apps researchers reviewed. The post Mozilla privacy survey finds mental health and prayer apps fail privacy test pretty spectacularly appeared first on TechRepublic.

Unfixed vulnerability in popular library puts IoT products at risk

Malwarebytes

Researchers have found a vulnerability in a popular C standard library in IoT products that could allow attackers to perform DNS poisoning attacks against a target device. The library is known to be used by major vendors such as Linksys, Netgear, and Axis, but also by Linux distributions such as Embedded Gentoo. Because the library maintainer was unable to develop a fix, this vulnerability remains unpatched.

IoT 114

A Step-By-Step Guide on How To Remove Ransomware?

Hacker Combat

Prevention is always recommended when it comes to ransomware infections. Nevertheless, there are numerous ways to recover lost data whenever a device is compromised. Learn how to remove ransomware in four key steps. Ransom virus, often known as ransomware, blocks users from gaining access to their computer or personal documents and requests payment in exchange for access.

3 most dangerous types of Android malware

We Live Security

Here's what you should know about some of the nastiest mobile malware – from malicious software that takes phones and data hostage to RATs that allow hackers to control devices remotely. The post 3 most dangerous types of Android malware appeared first on WeLiveSecurity.

Malware 118

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Hackers stole data undetected from US, European orgs since 2019

Bleeping Computer

Cybersecurity analysts have exposed a lengthy operation attributed to the group of Chinese hackers known as "Winnti" and tracked as APT41, which focused on stealing intellectual property assets like patents, copyrights, trademarks, and other types of valuable data. [...]

Pro-Ukraine attackers compromise Docker images to launch DDoS attacks on Russian sites

Security Affairs

Pro-Ukraine hackers are using Docker images to launch distributed denial-of-service (DDoS) attacks against a dozen Russian and Belarusian websites. Pro-Ukraine hackers, likely linked to Ukraine IT Army, are using Docker images to launch distributed denial-of-service (DDoS) attacks against a dozen websites belonging to government, military, and media.

DDOS 109

BrandPost: Protecting Cloud Assets in 5 Steps with Micro-Segmentation

CSO Magazine

Whether a company utilizes a private, hybrid or public cloud infrastructure or offers cloud services to others, it is critical that each cloud instance and service be isolated to help minimize the risk of data compromise. In a traditional network, networking equipment and firewalls segment and isolate physical servers and other devices. However, to effectively isolate cloud instances, technologies like micro-segmentation are needed.

Firewall 109

FBI says business email compromise is a $43 billion scam

Bleeping Computer

The Federal Bureau of Investigation (FBI) said today that the amount of money lost to business email compromise (BEC) scams continues to grow each year, with a 65% increase in the identified global exposed losses between July 2019 and December 2021. [...]

Scams 109

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

BrandPost: ZTNA: The New Way to Secure Remote Workers and the Cloud

CSO Magazine

Digital transformation, or DX, is driving enterprises worldwide to adapt their network and security strategies. Two key trends in particular have accelerated due to the pandemic: the adoption of cloud infrastructures, and the growth of a distributed workforce. Together, these trends have forced a restructuring of both networking and security. Now, enterprises need to deploy security services anytime, anywhere, across a diverse set of architectures and endpoints.

Transport for NSW Suffers Cyber Incident

Heimdal Security

In southeastern Australia, the state of New South Wales, sometimes known as New South Wales, recently suffered a cyberattack. What Happened? It has been confirmed by Transport for NSW that a cyber intrusion that occurred in early April had an impact on its Authorised Inspection Scheme (AIS) online application. As ZDNet explained, the AIS authorizes […].

A Tripwire Milestone: ASPL – 1000 is here

The State of Security

When I joined nCircle as a security researcher in 2006, ASPL 117 had just been released. I missed the ASPL-100 release celebration, which included custom sweatshirts, but there was still one unclaimed shirt in the office and I brought it home, my first piece of company swag. That shirt still hangs in my closet all […] The post A Tripwire Milestone: ASPL – 1000 is here appeared first on The State of Security.

Are College Students Targeted by Identity Thieves?

Identity IQ

When it comes to identity theft, young adults are a primary target. Students are four times more likely to be targets of fraud that can go undetected for years compared to other consumers. In fact, 15% of students deal with severe or moderate impacts from fraud, according to a report from Tulane University.

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

BrandPost: CWPP: How to Secure Cloud-Native Applications Built with Containers

CSO Magazine

The transition into CWPP. Agility and flexibility were key directives in the development of new technology, which is why on-premise assets soon transitioned into virtual machines, which further transformed into compact and swift containers. Modern enterprise network environments are increasingly transforming to be cloud-based, where both applications and data storage are hosted in a cloud — and often multi-cloud — environment.

Cisco StarOS Forensic Guide Published

Cisco Security

Cisco is pleased to announce a new addition to the Forensic Investigation Procedures for First Responders series of documents that will help customers and partners triage Cisco products that are suspected of being tampered with or compromised. These guides provide step-by-step instructions for first responders that can be used to assess platform integrity and collect information that can be used for forensic analysis.

Software 104

BrandPost: Closing the Endpoint Visibility Gap: Critical Questions to Ask

CSO Magazine

The future of work involves connecting everyone and everything across a widely distributed, global business environment. At the same time, this ecosystem must be securely resilient to mitigate threats to the rapidly growing volume of connected devices. To do that, you must be able to see what you are defending — and quickly. Once an incident occurs, response must be rapid to contain and remediate the attack, and avoid significant business disruption.

Internet 103

China-linked Winnti APT steals intellectual property from companies worldwide

Security Affairs

A sophisticated cyberespionage campaign, dubbed Operation CuckooBees, conducted by the China-linked Winnti group remained undetected since at least 2019. Researchers from Cybereason uncovered a sophisticated cyberespionage campaign, dubbed Operation CuckooBees, aimed at stealing intellectual property from the victims. The campaign flew under the radar since at least 2019, it was attributed by the experts to the China-linked Winnti group and targeted technology and manufacturing companies primari

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Attackers hijack UK NHS email accounts to steal Microsoft logins

Bleeping Computer

For about half a year, work email accounts belonging to over 100 employees of the National Health System (NHS) in the U.K. were used in several phishing campaigns, some aiming to steal Microsoft logins. [...]

An expert shows how to stop popular ransomware samples via DLL hijacking

Security Affairs

A security researcher discovered that samples of Conti, REvil, LockBit ransomware were vulnerable to DLL hijacking. The security researcher John Page (aka hyp3rlinx) discovered that malware from multiple ransomware operations, including Conti, REvil, LockBit, AvosLocker, and Black Basta, are affected by flaws that could be exploited to block file encryption.

Mitsubishi Electric faked safety and quality control tests for decades

Bleeping Computer

Mitsubishi Electric, one of the world's leading providers of large-scale electrical and HVAC systems has admitted to fraudulently conducting quality assurance tests on its transformers—for decades. [...]

Experts linked multiple ransomware strains to North Korea-backed APT38 group

Security Affairs

Researchers from Trellix linked multiple ransomware strains to the North Korea-backed APT38 group. The ransomware was employed in attacks on financial institutions, experts estimated that APT38 (Unit 180 of North Korea’s cyber-army Bureau 121) has stolen at hundreds of million dollars from banks worldwide. APT38 appears to be a North Korea-linked group separate from the infamous Lazarus group, it has been active since at least 2014 and it has been observed targeting over 16 organizations

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.