Thu. Jan 21, 2021


SVR Attacks on Microsoft 365

Schneier on Security

FireEye is reporting the current known tactics that the SVR used to compromise Microsoft 365 cloud data as part of its SolarWinds operation: Mandiant has observed UNC2452 and other threat actors moving laterally to the Microsoft 365 cloud using a combination of four primary techniques: Steal the Active Directory Federation Services (AD FS) token-signing certificate and use it to forge tokens for arbitrary users (sometimes described as Golden SAML).


Google: How and when to change your password

Tech Republic Security

If you've ever been tempted to change your Google account password, but weren't sure how, don't let that confusion stop you. Jack Wallen walks you through the process.


Vadokrist: A wolf in sheep’s clothing

We Live Security

Another in our occasional series demystifying Latin American banking trojans. The post Vadokrist: A wolf in sheep’s clothing appeared first on WeLiveSecurity.


How to check for and stop DDoS attacks on Linux

Tech Republic Security

Jack Wallen walks you through some of the steps you can take to check for and mitigate distributed denial of service attacks on a Linux server.


The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.


CISSP certification guide: Requirements, training, and cost

CSO Magazine

CISSP definition: What is CISSP? Certified Information Systems Security Professional, or CISSP, is a certification for advanced IT professionals who want to demonstrate that they can design, implement, and manage a cybersecurity program at the enterprise level. It's offered by the International Information System Security Certification Consortium, or (ISC)², a nonprofit organization that focuses on certification and training for cybersecurity professionals.


2020 sees huge increase in records exposed in data breaches

Tech Republic Security

The number of breaches may have fallen, but the number of exposed records hit a high not seen since 2005, says Risk Based Security.


How asset management companies are vulnerable to ransomware and phishing attacks

Tech Republic Security

Like large banks, these firms hold valuable financial data but often have smaller security budgets and fewer staff, says Digital Shadows.


The state of the dark web: Insights from the underground

CSO Magazine

Lately, dark web actors have one more worry: getting caught by law enforcement. Tracking dark web illegal activities has been a cat-and-mouse game for authorities, but in the end, they often catch their adversaries and seize the dodgy money. On the night of the 2020 presidential election, for example, US government officials managed to empty out a $1 billion Bitcoin wallet recovering funds linked to Silk Road, seven years after the market’s closure.


Hacker Pig Latin: A Base64 Primer for Security Analysts

Dark Reading

The Base64 encoding scheme is often used to hide the plaintext elements in the early stages of an attack that can't be concealed under the veil of encryption. Here's how to see through its tricks.


Passwords stolen via phishing campaign available through Google search

Security Affairs

Bad ops of operators of a phishing campaign exposed credentials stolen in attacks and made them publicly available through Google queries. Check Point Research along with experts from cybersecurity firm Otorio shared details on their investigation into a large-scale phishing campaign that targeted thousands of global organizations. The campaign has been active since August; the attackers used emails that masqueraded as Xerox scan notifications that were urging recipients into opening a malici


IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.


Google Chrome wants to fix your unsafe passwords

Graham Cluley

In the coming weeks Google will be rolling out a new feature to users of its Chrome browser which will make it easier to check for weak passwords and warn if stored passwords have been compromised in a past data breach. Read more in my article on the Tripwire State of Security blog.


SSH keys: How to view in Linux, macOS, and Windows

Tech Republic Security

If you're not sure how to view your SSH certificates, Jack Wallen walks you through the steps on Linux, macOS, and Windows.


Dovecat crypto-miner is targeting QNAP NAS devices

Security Affairs

QNAP is warning customers of a new piece of malware dubbed Dovecat that is targeting NAS devices to mine cryptocurrency. Taiwanese vendor QNAP has published a security advisory to warn customers of a new piece of malware named Dovecat that is targeting NAS devices. The malware was designed to abuse NAS resources and mine cryptocurrency. The malware targets QNAP NAS devices exposed online that use weak passwords. “QNAP Systems, Inc.


Threats to Asset and Wealth Management in 2020-2021

Digital Shadows

Note: Our findings in this blog stem from analysis of all Q4 2020 cyber threat activity by our in-house research. The post Threats to Asset and Wealth Management in 2020-2021 first appeared on Digital Shadows.


Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.


SolarWinds Attack: Microsoft sheds lights into Solorigate second-stage activation

Security Affairs

Microsoft’s report provides details of the entire SolarWinds attack chain with a deep dive into the second-stage activation of malware and tools. Microsoft published a new report that includes additional details of the SolarWinds supply chain attack. The new analysis sheds light on the handover from the Solorigate DLL backdoor to the Cobalt Strike loader.


Importance of Application Security and Customer Data Protection to a Startup

The Hacker News

When you are a startup, there are umpteen things that demand your attention. You must give your hundred percent (probably even more!) to work effectively and efficiently with the limited resources. Understandably, the application security importance may be pushed at the bottom of your things-to-do list.


Experts warn of scanning activity for critical SAP SolMan flaw after the release of exploit

Security Affairs

Experts warn of automated scanning activity for servers affected by a critical SAP SolMan flaw after the release of an exploit code. Experts warn of an automated scanning activity for servers affected by vulnerabilities in SAP software; attackers started probing the systems after the release of an exploit for the critical CVE-2020-6207 flaw in SAP Solution Manager (SolMan), version 7.2. “SAP Solution Manager (User Experience Monitoring), version- 7.2, due to Missing Authentication Check


MrbMiner Crypto-Mining Malware Links to Iranian Software Company

The Hacker News

A relatively new crypto-mining malware that surfaced last year and infected thousands of Microsoft SQL Server (MSSQL) databases has now been linked to a small software development company based in Iran.


Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.


New Phishing Attack Impersonates PayPal with Threats of ’Flagged‘ Profiles

Hot for Security

Security researchers identified a phishing attack impersonating PayPal that allowed criminals to access people’s credentials, their PayPal account, and then their finances. Credentials for access to financial resources will always be a target for criminals, and since PayPal is one of the largest companies of its kind, it has a bullseye painted on it.


Cisco fixed multiple flaws in Cisco SD-WAN products and Smart Software Manager Satellite Web UI

Security Affairs

Cisco fixed multiple flaws in Cisco SD-WAN products that could allow an unauthenticated, remote attacker to execute attacks against its devices. Cisco released security updates to address multiple flaws in Cisco SD-WAN products that could allow an unauthenticated, remote attacker to execute attacks against vulnerable devices. These vulnerabilities impact devices running the following Cisco SD-WAN Software: IOS XE SD-WAN Software, SD-WAN vBond Orchestrator Software, SD-WAN vEdge Cloud Routers, SD-WAN vEd


NSA Offers Sysadmins Guidance on Eliminating Obsolete TLS Configurations

Hot for Security

The US National Security Agency (NSA) has released a security advisory warning network administrators and security analysts that “new attacks against Transport Layer Security (TLS) and the algorithms it uses have been discovered.” Primarily aimed at government entities, the notice instructs IT admins to “make a plan on how to weed out obsolete TLS configurations in the environment by detecting, prioritizing, remediating, and then blocking obsolete TLS versions, cipher suites, and finally key ex


BrandPost: Fortinet Extends Free NSE Security Training Courses to Close Industry’s Skills Gap

CSO Magazine

With the unprecedented increase of teleworkers in 2020, the need for securing remote networks and users became a top priority for organizations. IT teams with little manpower found it difficult to fill important security positions, made worse by the challenge of securely transitioning to remote work. The cybersecurity skills gap continues to pose multiple challenges for organizations dealing with an expanding attack surface and a growing number of security alerts.


5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.


Post-ransomware attack, Hackney Council wants to change its cybersecurity culture

Graham Cluley

Following a devastating ransomware attack, the London Borough Council of Hackney is looking for some external expertise to evaluate its staff's understanding of their security responsibilities, and help them adopt effective security practices. Do you think you could help them?


How scammers are exploiting COVID-19 vaccines

Tech Republic Security

Cybercriminals are setting up malicious domains and peddling phony drugs, all related to the new vaccines, says Bolster.


Google Forms Set Baseline For Widespread BEC Attacks

Threatpost

Researchers warn that attackers are collecting reconnaissance for future business email compromise attacks using Google Forms.


Using OPA with GitOps to speed cloud-native development

InfoWorld on Security

One risk in deploying fleets of powerful and flexible clusters on constantly changing infrastructure like Kubernetes is that mistakes happen. Even minute manual errors that slip past review can have substantial impacts on the health and security of your clusters. Such mistakes, in the form of misconfigurations, are reportedly the leading cause of cloud breaches, for example.


Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?


SQL Server Malware Tied to Iranian Software Firm, Researchers Allege

Threatpost

Researchers have traced the origins of a campaign - infecting SQL servers to mine cryptocurrency - back to an Iranian software firm.


Obsolete Adult Social Media App Exposes Lewd Photos of Users

Hot for Security

Researchers have recently stumbled upon an unsecured database belonging to Fleek, an X-rated social media app that ceased operations in 2019. The app was apparently popular on college campuses, offering an unfiltered alternative to all-too-familiar Snapchat. Users could upload unfiltered and unmoderated content including nudity, drugs and alcohol use, among others.


Google Searches Expose Stolen Corporate Credentials

Threatpost

A phishing campaign spoofs Xerox notifications to lure victims into clicking on malicious HTML attachments.


What it Takes to Achieve Saudi Arabia’s Vision 2030

Thales Cloud Protection & Licensing

By madhav, Thu, 01/21/2021 - 09:49. Through Vision 2030, the Kingdom of Saudi Arabia (KSA) intends to reduce dependence on oil, diversify its economy, and develop public service sectors, such as health, education, infrastructure, recreation, and tourism. Underpinning this initiative is a focus on technology, digital transformation, and the development of digital infrastructure.


From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most (people, data, real or personal property, intellectual property, digital assets, or any number of other things), and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.