Fri.Apr 22, 2022

Java Cryptography Implementation Mistake Allows Digital-Signature Forgeries

Schneier on Security

Interesting implementation mistake: The vulnerability, which Oracle patched on Tuesday, affects the company’s implementation of the Elliptic Curve Digital Signature Algorithm in Java versions 15 and above. ECDSA is an algorithm that uses the principles of elliptic curve cryptography to authenticate messages digitally. […]. ECDSA signatures rely on a pseudo-random number, typically notated as K, that’s used to derive two additional numbers, R and S.

Weekly Update 292

Troy Hunt

Well, that was an unusual ending. Both my mouse and keyboard decided to drop off right at the end of this week's video and, without any control whatsoever, there was no way to end the live stream! Wired devices borrowed from the kids, I eventually got back control and later discovered that all things Bluetooth had suddenly decided to die without any warning whatsoever.

OAuth 2.0: What is it and how does it work?

Tech Republic Security

The OAuth authentication framework provides users with a safe way to access online services without putting their credentials at risk. Here’s a quick rundown of what you should know about OAuth 2.0. The post OAuth 2.0: What is it and how does it work? appeared first on TechRepublic.

Nigeria blocks 73 million mobile numbers for security reasons

CyberSecurity Insiders

Nigeria has announced a clampdown on 73 million mobile numbers because their owners failed to link their SIMs to the NIN database. Reports indicate that nearly one-third of the entire mobile user base was blocked from making any outgoing calls because of privacy, security, and compliance-related issues. In July 2011, most of the South African countries agreed to employ SIM registration laws in their respective regions; those countries include Egypt, Ghana, Kenya, and Nigeria.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

YouTube Bans Hong Kong Election Candidate Lee Ka-chiu

Security Boulevard

Google and Facebook ban China’s candidate in Hong Kong’s upcoming elections. John Lee Ka-chiu was sanctioned by the U.S. in 2020 for his actions supporting China’s suppression of regional autonomy. The post YouTube Bans Hong Kong Election Candidate Lee Ka-chiu appeared first on Security Boulevard.

7 Ransomware Protection Tips to Help You Secure Data in 2022

Hacker Combat

There were 2690 reports of ransomware attacks in 2021, which was a 97.1% increase on 2020 levels. Ransomware is malicious software that infects a personal or organizational computer and then holds information for ransom until the affected party pays some money. Ransomware cost businesses and individuals $18 billion in 2020, with the average sum paid totaling $220,298 in the first quarter of 2021.

Cryptomining botnet targeting Docker on Linux systems

CSO Magazine

LemonDuck, a well-known cryptomining botnet, is targeting Docker on Linux systems to mine cryptocurrency, CrowdStrike reported Thursday. The company's threat research team revealed in a blog post written by Manoj Ahuje that the botnet is leveraging Docker APIs exposed to the internet to run malicious containers on Linux systems. Docker is used to build, run, and manage containerized workloads.

Zscaler ThreatLabz Discovers Multiple Product Bugs in Adobe Acrobat

Security Boulevard

In April 2022, Adobe released security update APSB22-16. This update fixed five product bugs that Zscaler’s ThreatLabz reported in Adobe Acrobat that are related to EMF (Enhanced Metafile Format) parsing. Adobe determined that Acrobat is secure by default for converting EMF to PDF. Specifically, abuse requires administrative privileges to modify the registry and add HKLM keys in order to enable the feature of the conversion from EMF to PDF.

Friday Five 4/22

Digital Guardian

The thwarting of an underwater cyber attack, a growing cyber threat to critical infrastructure, and phishing attacks leveraging… LinkedIn? Catch up on these stories and more with this week’s Friday Five!

Combatting a BlackCat Ransomware Active Directory Attack

Security Boulevard

The FBI has released FBI Flash CU-000167-MW, warning that the BlackCat/ALPHV ransomware-as-a-service (RaaS) group has compromised at least 60 entities globally. As with the majority of cyberattacks, BlackCat/ALPHV’s end game is an Active Directory attack. Top of the FBI’s list of recommended mitigations is reviewing your Active Directory environment for unrecognized user accounts and other indicators.

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Researcher Releases PoC for Recent Java Cryptographic Vulnerability

The Hacker News

A proof-of-concept (PoC) code demonstrating a newly disclosed digital signature bypass vulnerability in Java has been shared online. The high-severity flaw in question, CVE-2022-21449 (CVSS score: 7.5), impacts the following versions of Java SE and Oracle GraalVM Enterprise Edition: Oracle Java SE 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition 20.3.5, 21.3.1, 22.0.0.

Moving Beyond Security Culture Bottlenecks

Security Boulevard

Creating and maintaining an effective security culture is the holy grail for many, if not all, organizations in this era of security breaches and heightened privacy concerns among employees, customers and other key stakeholders. But despite their best efforts, many struggle to create a strong security culture. Even those that do often fail in their.

Atlassian Drops Patches for Critical Jira Authentication Bypass Vulnerability

The Hacker News

Atlassian has published a security advisory warning of a critical vulnerability in its Jira software that could be abused by a remote, unauthenticated attacker to circumvent authentication protections. Tracked as CVE-2022-0540, the flaw is rated 9.9 out of 10 on the CVSS scoring system and resides in Jira's authentication framework, Jira Seraph.

Cybersecurity News Round-Up: Week of April 18, 2022

Security Boulevard

Billions of malicious emails are lobbed at UK government employees every year, more than 100 different Lenovo consumer laptop computers are vulnerable to ransomware, and the FBI is warning farming co-ops of possible attacks. The post Cybersecurity News Round-Up: Week of April 18, 2022 appeared first on Security Boulevard.

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

QNAP Advises Users to Update NAS Firmware to Patch Apache HTTP Vulnerabilities

The Hacker News

Network-attached storage (NAS) appliance maker QNAP on Thursday said it's investigating its lineup for potential impact arising from two security vulnerabilities that were addressed in the Apache HTTP server last month. The critical flaws, tracked as CVE-2022-22721 and CVE-2022-23943, are rated 9.8 for severity on the CVSS scoring system and impact Apache HTTP Server versions 2.4.

ALPHV: Breaking Down the Complexity of the Most Sophisticated Ransomware

Security Boulevard

In our new threat briefing report, Forescout’s Vedere Labs describes how it analyzed files and tools used by an affiliate of the ALPHV ransomware group during an attack. ALPHV, also known as Black Cat, is a Ransomware-as-a-Service gang that was first discovered in November 2021. This gang has hit more than 60 organizations and large […]. The post ALPHV: Breaking Down the Complexity of the Most Sophisticated Ransomware appeared first on Forescout.

Windows 10 KB5012636 cumulative update fixes freezing issues

Bleeping Computer

Microsoft has released the optional KB5012636 cumulative update preview for Windows 10 1809 and Windows Server 2019, with fixes for system freezing issues affecting client and server systems. […]

Tackling Cybersecurity Vulnerabilities in School Systems

Security Boulevard

Not Kidding Around

While chalkboards have long seemed artifacts from classrooms of the past, you might be surprised just how dramatically classrooms have changed just within the last ten years. Tablets and Chromebooks have replaced many textbooks and paper hand-in systems, plagiarism and cheating are detected in new ways, and sometimes, the classroom is no longer a physical space–e-learning and.

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things – and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.

T-Mobile confirms Lapsus$ hackers breached internal systems

Bleeping Computer

T-Mobile has confirmed that the Lapsus$ extortion gang breached its network "several weeks ago" using stolen credentials and gained access to internal systems. […]

The new Elastic CEO puts cloud front and center

InfoWorld on Security

The new CEO of the enterprise search software company Elastic has one priority: cloud. “Cloud is front and center,” he told InfoWorld during a recent interview. “That is really where you should continue to see me double down.” Elastic.

'Hack DHS' bug hunters find 122 security flaws in DHS systems

Bleeping Computer

The Department of Homeland Security (DHS) today revealed that bug bounty hunters enrolled in its 'Hack DHS' bug bounty program have found 122 security vulnerabilities in external DHS systems, 27 of them rated critical severity. […]

Watch Out! Cryptocurrency Miners Targeting Dockers, AWS and Alibaba Cloud

The Hacker News

LemonDuck, a cross-platform cryptocurrency mining botnet, is targeting Docker to mine cryptocurrency on Linux systems as part of an active malware campaign. "It runs an anonymous mining operation by the use of proxy pools, which hide the wallet addresses," CrowdStrike said in a new report. "It evades detection by targeting Alibaba Cloud's monitoring service and disabling it.

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.

Russian hackers are seeking alternative money-laundering options

Bleeping Computer

The Russian cybercrime community, one of the most active and prolific in the world, is turning to alternative money-laundering methods due to sanctions on Russia and law enforcement actions against dark web markets. […]

QNAP firmware updates fix Apache HTTP vulnerabilities in its NAS

Security Affairs

Taiwanese vendor QNAP warns users to update their NAS firmware to fix Apache HTTP flaws addressed in the Apache HTTP server last month. Taiwanese vendor QNAP warns users to update their NAS firmware to address Apache HTTP vulnerabilities, tracked as CVE-2022-22721 and CVE-2022-23943, addressed in the Apache HTTP server in March. “While CVE-2022-22719 and CVE-2022-22720 do not affect QNAP products, CVE-2022-22721 affects 32-bit QNAP NAS models, and CVE-2022-23943 affects users who have en

Atlassian fixes critical Jira authentication bypass vulnerability

Bleeping Computer

Atlassian has published a security advisory to alert that its Jira and Jira Service Management products are affected by a critical authentication bypass vulnerability in Seraph, the company's web application security framework. […]

Cybersecurity threats to critical infrastructure – Week in security with Tony Anscombe

We Live Security

As the Five Eyes nations warn of attacks against critical infrastructure, we look at the potentially cascading effects of such attacks and how essential systems and services can ramp up their defense. The post Cybersecurity threats to critical infrastructure – Week in security with Tony Anscombe appeared first on WeLiveSecurity.

ERM Program Fundamentals for Success in the Banking Industry

Speaker: William Hord, Senior VP of Risk & Professional Services

Enterprise Risk Management (ERM) is critical for industry growth in today’s fast-paced and ever-changing risk landscape. When building your ERM program foundation, you need to answer questions like: Do we have robust board and management support? Do we understand and articulate our bank’s risk appetite and how that impacts our business units? How are we measuring and rating our risk impact, likelihood, and controls to mitigate our risk?

Chinese hackers behind most zero-day exploits during 2021

Bleeping Computer

Threat analysts report that zero-day vulnerability exploitation is on the rise, with Chinese hackers using most of them in attacks last year. […]

Top 8 Cyber Insurance Companies for 2022

eSecurity Planet

Cyberattacks are not only a technological problem for companies, but they also represent a very real financial threat. That’s where cyber insurance may be able to help. According to the Ponemon Institute and IBM, the global average cost of a data breach is $4.24 million and climbing. And costs can be much higher for some industries and geographic locations (including the United States).

Ubuntu 22.04 LTS released with performance and security improvements

Bleeping Computer

Canonical has announced the general availability of version 22.04 of the Ubuntu Linux distribution, codenamed 'Jammy Jellyfish', which brings better hardware support and an improved security baseline. […]

Pwn2Own Miami hacking contest awarded $400,000 for 26 unique ICS exploits

Security Affairs

White hat hackers that participated in the Pwn2Own Miami 2022 hacking contest earned a total of $400,000 for their ICS exploits. Pwn2Own Miami 2022 is a hacking contest organized by Trend Micro’s Zero Day Initiative (ZDI) that focuses on demonstrating exploits for ICS systems belonging to the following categories: OPC UA Server, Control Server, Human Machine Interface, and Data Gateway.

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

So, you’ve accomplished an organization-wide SaaS adoption. It started slow, and now just a few team members might be responsible for running Salesforce, Slack, and a few other applications that boost productivity, but it’s all finished. Or is it? Through all the benefits offered by SaaS applications, it’s still a necessity to onboard providers as quickly as possible.