Thu. Jun 17, 2021

Intentional Flaw in GPRS Encryption Algorithm GEA-1

Schneier on Security

General Packet Radio Service (GPRS) is a mobile data standard that was widely used in the early 2000s. The first encryption algorithm for that standard was GEA-1, a stream cipher built on three linear-feedback shift registers and a non-linear combining function. Although the algorithm has a 64-bit key, the effective key length is only 40 bits, due to “an exceptional interaction of the deployed LFSRs and the key initialization, which is highly unlikely to occur by chance.” GEA-1 was d

Amazon Prime Day scams resurface for 2021

Tech Republic Security

With this year's Amazon Prime Day set for June 21-22, scammers are already touting "Early Prime Day Deals," says Bolster.

Paul van Oorschot’s Computer Security and the Internet

Schneier on Security

Paul van Oorschot’s webpage contains a complete copy of his book: Computer Security and the Internet: Tools and Jewels. It’s worth reading.

Fake Ledger devices mailed out in attempt to steal from cryptocurrency fans

Hot for Security

In December last year, we reported how the email and mailing addresses of some 270,000 Ledger customers had been published on a hacking forum following a data breach. At the time we warned users of the hardware cryptocurrency wallet to watch out for phishing scams that might attempt to steal users’ credentials. What we hadn’t predicted was that cybercriminals would use a rather more elaborate way to steal users’ credentials.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Most health apps engage in unhealthy data-harvesting habits

We Live Security

Most medical and fitness apps in Google Play have tracking capabilities enabled and their data collection practices aren’t transparent. The post Most health apps engage in unhealthy data‑harvesting habits appeared first on WeLiveSecurity.

Updated PCI DSS v4.0 Timeline

PCI perspectives

To follow up on an earlier communication, PCI SSC is now targeting a Q1 2022 publication date for PCI DSS v4.0. This timeline supports the inclusion of an additional request for comments (RFC) for the community to provide feedback on the PCI DSS v4.0 draft validation documents.

More Trending

Over a billion records belonging to CVS Health exposed online

Security Affairs

Researchers discovered an unprotected database belonging to CVS Health that was exposed online containing over a billion records. This week WebsitePlanet along with the researcher Jeremiah Fowler discovered an unsecured database, belonging to the US healthcare and pharmaceutical giant CVS Health, that was exposed online. The database was accessible to everyone without any type of authentication. “On March 21st, 2021 the WebsitePlanet research team in cooperation with Security Researcher

Report: Active Directory Certificate Services a big security blindspot on enterprise networks

CSO Magazine

As the core of Windows enterprise networks, Active Directory, the service that handles user and computer authentication and authorization, has been well studied and probed by security researchers for decades. Its public key infrastructure (PKI) component, however, has not received the same level of scrutiny and, according to a team of researchers, deployments are rife with serious configuration mistakes that can lead to account and domain-level privilege escalation and compromise. [ Check out th

62% of Phishing Sites Abuse Free Tools or Services

Security Boulevard

In Q1, PhishLabs analyzed hundreds of thousands of phishing attacks and found more than 62% abused legitimate no-cost tools or services. The post 62% of Phishing Sites Abuse Free Tools or Services appeared first on Security Boulevard.

Breaches and Incidents: Top 5 Cyber-attacks in Quarter 1 – 2021

Quick Heal Antivirus

The second wave of the pandemic has hit India hard from a cybersecurity perspective. There has been a. The post Breaches and Incidents: Top 5 Cyber-attacks in Quarter 1 – 2021 appeared first on Quick Heal Blog | Latest computer security news, tips, and advice.

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

The 6 best Chrome extensions for privacy and security

Malwarebytes

While searching for security- and privacy-improving extensions, users may end up installing an extension that is counterproductive to their goals. To help our readers I have compiled a list of Chrome extensions that can actually help you improve your online privacy and security. Our regular readers have seen me post various warnings about malicious Chrome extensions.

Ferocious Kitten APT targets Telegram and Psiphon VPN users in Iran

Security Affairs

Iran-linked Ferocious Kitten APT group used instant messaging apps and VPN software like Telegram and Psiphon to deliver Windows RAT and spy on targets’ devices. Researchers from Kaspersky reported that Iran-linked threat actors, tracked as Ferocious Kitten, used instant messaging apps and VPN software like Telegram and Psiphon to deliver Windows RAT and spy on targets.

Kaspersky discovers long time Malware based espionage campaign

CyberSecurity Insiders

Russian Security Firm Kaspersky has uncovered an espionage campaign that was targeting Persian-speaking people in Iran. And information is out that the campaign could have started by a hacking group dubbed Ferocious Kitten that has been active since 2015 and was conducting spying through a highly sophisticated malware named MarkiRAT. Why the malware spreading hackers are targeting only Persian-speaking people is yet to be revealed to the public.

NSA shares guidance on securing voice, video communications

Bleeping Computer

The National Security Agency (NSA) has shared mitigations and best practices that systems administrators should follow when securing Unified Communications (UC) and Voice and Video over IP (VVoIP) call-processing systems.

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

CLOP ransomware suspects charged by police in Ukraine

The State of Security

Six people alleged to be part of the notorious CLOP ransomware gang have been detained and charged by Ukrainian police, following nearly two dozen raids across the country. Read more in my article on the Tripwire State of Security blog.

5 biggest healthcare security threats for 2021

CSO Magazine

Cyberattacks targeting the healthcare sector have surged because of the COVID-19 pandemic and the resulting rush to enable remote delivery of healthcare services. Security vendors and researchers tracking the industry have reported a major increase in phishing attacks, ransomware, web application attacks, and other threats targeting healthcare providers.

Attackers create phishing lures with standard tools in Google Docs to steal credentials

SC Magazine

Researchers on Thursday reported that hackers are using standard tools within Google Docs/Drive to lead unsuspecting victims to fraudulent websites, stealing credentials in the process. In a blog post, Avanan said hackers are bypassing static link scanners by hosting their attacks on publicly-known services.

BSides Tampa 2021 – Brent Keator’s ‘Don’t Fall Asleep At The Wheel … In Cloud’

Security Boulevard

Our thanks to BSides Tampa for publishing their outstanding videos on the organization's YouTube channel. Enjoy the Education! The post BSides Tampa 2021 – Brent Keator’s ‘Don’t Fall Asleep At The Wheel … In Cloud’ appeared first on Security Boulevard.

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.

Heimdal Case Files: The Honda Ransomware Attack

Heimdal Security

Ransomware attacks are not about to be history anytime soon. At least that is what recent studies show. The list of high-profile ransomware cyberattacks gets longer and more alarming every day, affecting all kinds of organizations: gas pipelines, foodservice distributors, and nuclear weapons contractors. Today we are going to take a closer look at the Honda ransomware attack.

UNC2465 cybercrime group launched a supply chain attack on CCTV vendor

Security Affairs

UNC2465 cybercrime group that is affiliated with the Darkside ransomware gang has infected with malware the website of a CCTV camera vendor. An affiliate of the Darkside ransomware gang, tracked as UNC2465, has conducted a supply chain attack against a CCTV vendor, Mandiant researchers discovered. UNC2465 is considered one of the main affiliates of the DARKSIDE group, along with other affiliate gangs tracked by FireEye/Mandiant as UNC2628 and UNC2659.

How to Safely Transition Back to the Office

Security Boulevard

As the COVID-19 vaccination rollout advances and the roadmap out of lockdown becomes clearer, physical offices are eager to welcome employees back. Highly anticipated by some, viewed with skepticism by others, the transition from working from home to returning to the office environment is no easy feat. Companies planning to return to the workplace will.

Cosmolog Kozmetik Data Breach: Hundreds of Thousands of Customers impacted

Security Affairs

The securWizCase experts found a major breach that affected the popular online retailer Cosmolog Kozmetik. WizCase’s security team, led by Ata Hakçıl, has found a major breach in popular online retailer Cosmolog Kozmetik’s database. This breach exposed users’ names, email addresses, physical addresses, phone numbers, order details, and more. Hundreds of thousands of users were compromised in the breach.

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.

What is Data Classification? A Data Classification Definition

Digital Guardian

Learn about the different types of classification and how to effectively classify your data in Data Protection 101, our series on the fundamentals of data security.

What To Consider Before Getting Rid of Application Delivery Controllers

Security Boulevard

Application protection is becoming a must if you want to keep your organization’s data secure; adding application protection is possible. The post What To Consider Before Getting Rid of Application Delivery Controllers appeared first on Radware Blog. The post What To Consider Before Getting Rid of Application Delivery Controllers appeared first on Security Boulevard.

A New Spyware is Targeting Telegram and Psiphon VPN Users in Iran

The Hacker News

Threat actors with suspected ties to Iran have been found to leverage instant messaging and VPN apps like Telegram and Psiphon to install a Windows remote access trojan (RAT) capable of stealing sensitive information from targets' devices since at least 2015.

Oleg Koshkin was convicted for operating a crypting service also used by Kelihos botnet

Security Affairs

Russian national Oleg Koshkin was convicted for operating a “crypting” service used to obfuscate the Kelihos bot from antivirus software. Russian national Oleg Koshkin was convicted for charges related to the operation of a malware crypting service used by the Kelihos botnet to obfuscate malware and evade detection. “According to court documents and evidence introduced at trial, Oleg Koshkin, 41, formerly of Estonia, operated the websites “Crypt4U.com,” “fud.bz” and others.” reads th

ERM Program Fundamentals for Success in the Banking Industry

Speaker: William Hord, Senior VP of Risk & Professional Services

Enterprise Risk Management (ERM) is critical for industry growth in today’s fast-paced and ever-changing risk landscape. When building your ERM program foundation, you need to answer questions like: Do we have robust board and management support? Do we understand and articulate our bank’s risk appetite and how that impacts our business units? How are we measuring and rating our risk impact, likelihood, and controls to mitigate our risk?

Molerats Hackers Return With New Attacks Targeting Middle Eastern Governments

The Hacker News

A Middle Eastern advanced persistent threat (APT) group has resurfaced after a two-month hiatus to target government institutions in the Middle East and global government entities associated with geopolitics in the region in a rash of new campaigns observed earlier this month.

Fast threat modeling videos

Adam Shostack

I’m exploring the concept of very fast threat modeling videos, and have posted the first one. Feedback welcome!

Strengthen Your Password Policy With GDPR Compliance

The Hacker News

A solid password policy is the first line of defense for your corporate network. Protecting your systems from unauthorized users may sound easy on the surface, but it can actually be quite complicated. You have to balance password security with usability, while also following various regulatory requirements.

Malicious Redirects Through Bogus Plugin

Security Boulevard

Recently we have been seeing a rash of WordPress website compromises with attackers abusing the plugin upload functionality in the wp-admin dashboard to redirect visitors and website owners to malicious websites. The payload is the following bogus plugin located here: /wp-content/plugins/plugs/plugs.php. At first glance these appear to be very unorthodox domains: hxxp://xn--o1aofd[.]xn--p1ai. hxxp://xn--80ady8a[.]xn--p1ai. hxxp://xn--80adzf[.]xn--p1ai. hxxp://xn--g1aey4a[.]xn--p1ai. hxxp://xn--g

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

So, you’ve accomplished an organization-wide SaaS adoption. It started slow, and now just a few team members might be responsible for running Salesforce, Slack, and a few others applications that boost productivity, but it’s all finished. Or is it? Through all the benefits offered by SaaS applications, it’s still a necessity to onboard providers as quickly as possible.