Mon. Nov 21, 2022

Breaking the Zeppelin Ransomware Encryption Scheme

Schneier on Security

Brian Krebs writes about how the Zeppelin ransomware encryption scheme was broken: The researchers said their break came when they understood that while Zeppelin used three different types of encryption keys to encrypt files, they could undo the whole scheme by factoring or computing just one of them: An ephemeral RSA-512 public key that is randomly generated on each machine it infects. “If we can recover the RSA-512 Public Key from the registry, we can crack it and get the 256-bit AES Key

9 VOIP security best practices to consider for your business

Tech Republic Security

Is VOIP secure? Can VOIP be hacked? Learn about why VOIP security is important and the best practices for your business to consider with our guide. The post 9 VOIP security best practices to consider for your business appeared first on TechRepublic.

Microsoft Warns of Surge in Token Theft, Bypassing MFA

eSecurity Planet

The Microsoft Detection and Response Team (DART) recently warned that attackers are increasingly using token theft to circumvent multi-factor authentication (MFA). “By compromising and replaying a token issued to an identity that has already completed multifactor authentication, the threat actor satisfies the validation of MFA and access is granted to organizational resources accordingly,” the team wrote in a blog post.

Expert published PoC exploit code for macOS sandbox escape flaw

Security Affairs

A researcher published details and proof-of-concept (PoC) code for High-Severity macOS Sandbox escape vulnerability tracked as CVE-2022-26696. Researcher Wojciech Reguła (@_r3ggi) of SecuRing published technical details and proof-of-concept (PoC) code for a macOS sandbox escape vulnerability tracked as CVE-2022-26696 (CVSS score of 7.8). In a wrap-up published by Regula, the researcher observed that the problem is caused by a strange behavior he observed in a sandboxed macOS app that may launc

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

How Phishing Attacks Ruin Microsoft 365 and Google Workspace

Security Boulevard

Cyberthreats adversely impact your SaaS applications and data. Here’s a look at how phishing affects your Microsoft 365 and Google Workspace environment. The post How Phishing Attacks Ruin Microsoft 365 and Google Workspace appeared first on Security Boulevard.

Details of Google going against Glupteba Botnet Operators

CyberSecurity Insiders

In December 2021, Google’s Threat Analysis Group (TAG) discovered the intense activities being conducted by Glupteba Botnet on the internet and filed a lawsuit in a district court of New York. A report was submitted, and it was clearly mentioned in it that two Russian nationals were operating this botnet group that works differently from the other conventional groups of botnets.

10 Suspects Charged for BEC Scams Targeting Federal Funding Programs

Heimdal Security

Ten people have been charged by the U.S. Department of Justice (DOJ) for their alleged roles in business email compromise (BEC) scams. These scams were aimed at a wide range of victims, including federal funding programs like Medicare and Medicaid. More than $11.1 million was lost as a result of these attacks, with the money […]. The post 10 Suspects Charged for BEC Scams Targeting Federal Funding Programs appeared first on Heimdal Security Blog.

How remote working impacts security incident reporting

CSO Magazine

The ability for employees to work remotely comes with many benefits, from better work-life balance to lower expenses to higher productivity. But a widely dispersed workforce can pose some great challenges for security teams, not least of which is how remote work affects security incident reporting. With companies growing more accustomed to implementing security technologies and processes better attuned to mass remote working, incident reporting has the potential to become a major stumbling block

Zeppelin Ransomware Decryption Tool Secretly Deployed to Aid Victims

Heimdal Security

The encryption mechanism of the Zeppelin ransomware was analyzed by security researchers and, as they found vulnerabilities in it, they began to secretly exploit the flaws in order to create a working decryptor which they then used to help companies affected by ransomware to recover files without having to pay the attackers. The developer of […].

AirAsia Ransomware Attack by Daixin

CyberSecurity Insiders

AirAsia, one of the noted airliners of Malaysia, has apparently been hit by a ransomware cyber attack, and Daixin Team Group is claiming to have accessed over 5 million records of customers and staff and has allegedly released two spreadsheets proving its claims as true. The Kuala Lumpur-based airline, which offers flight services to over 165 destinations with the help of 22,000 employees worldwide, is taking all measures to contain the repercussions arising from the attack.

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

Octocrypt, Alice, and AXLocker Ransomware, new threats in the wild

Security Affairs

Experts from Cyble Research and Intelligence Labs (CRIL) discovered three new ransomware families: AXLocker, Octocrypt, and Alice Ransomware. Threat intelligence firm Cyble announced the discovery of three new ransomware families named AXLocker, Octocrypt, and Alice Ransomware. The AXLocker ransomware encrypts victims’ files and steals Discord tokens from the infected machine.

Security Incident Response in the Cloud: A Few Ideas

Anton on Security

This quick blog is essentially a summary of our (joint with Marshall from Mandiant) Google Cloud Next 2022 conference presentation (video) and a pointer to a just-released podcast on the same topic: security incident response (IR) in public cloud. In our Next presentation, we only had 18.5 minutes to present a few fun and insightful things about security incident response in the cloud.

Google won a lawsuit against the Glupteba botnet operators

Security Affairs

Google won a lawsuit filed against two Russian nationals involved in the operations of the Glupteba botnet. This week, Google announced it has won a nearly year-long legal battle against the Glupteba botnet. Glupteba is a highly sophisticated botnet composed of millions of compromised Windows devices. Unlike other botnets, Glupteba leverages cryptocurrency blockchains as a command-and-control mechanism in an attempt to make it more resilient to takeover. “This means that a conventional bo

Autonomous Vehicles Join the List of US National Security Threats

WIRED Threat Level

Lawmakers are growing concerned about a flood of data-hungry cars from China taking over American streets.

Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Google provides rules to detect tens of cracked versions of Cobalt Strike

Security Affairs

Researchers at Google Cloud identified 34 different hacked release versions of the Cobalt Strike tool in the wild. Cobalt Strike is a paid penetration testing product that allows an attacker to deploy an agent named ‘Beacon’ on the victim machine. The Beacon includes a wealth of functionality for the attacker, including, but not limited to command execution, key logging, file transfer, SOCKS proxying, privilege escalation, mimikatz, port scanning and lateral movement.

A Leak Details Apple's Secret Dirt on Corellium, a Trusted Security Startup

WIRED Threat Level

A 500-page document reviewed by WIRED shows that Corellium engaged with several controversial companies, including spyware maker NSO Group.

Wiz Adds Data Security Posture Module to CNAPP

Security Boulevard

Wiz today announced it added a data security posture management (DSPM) module to its cloud-native application protection platform (CNAPP) that makes it simpler to prioritize remediation efforts based on the value of the data that might be compromised. Wiz CTO Ami Luttwak said rather than presenting development teams with a long list of vulnerabilities, it’s.

Chinese Group Mustang Panda’s Spear Phishing Campaign Targets Multiple Organizations Worldwide

Heimdal Security

State-backed Chinese hackers started a spear phishing attempt to spread personalized malware stored in Google Drive to international governmental, academic, and scientific institutions. The attacks were observed between March and October 2022, and researchers attributed the actions to the cyber espionage group Mustang Panda (Bronze President, TA416).

Next-Level Fraud Prevention: Strategies for Today’s Threat Landscape

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.

Best Practices, Challenges and Trends in Employee Onboarding for BPOs

Security Boulevard

Employee Onboarding effectiveness defines whether your employee will be engaged or disengaged at work, depending on the impression created on them. Poorly managed onboarding can lead to abandonment, especially for youngsters. According to an SHRM article: 69% of employees stay longer with good onboarding. A structured onboarding program will make 58% of employees stay up […].

Vanuatu Government Systems Taken Offline by Hackers

Heimdal Security

Vanuatu’s Government’s servers were taken out on November 4th, leaving 315,000 people unable to pay taxes, invoice bills, get licenses, or purchase travel visas. Websites of Vanuatu’s parliament, police, and prime minister’s office were disabled by hackers, while the email system, intranet, and online databases of schools, hospitals, and other emergency services were also out of […].

Achieve Defense-in-Depth in Multi-Cloud Environments

Security Boulevard

Today, 90% of organizations are operating in hybrid and multi-cloud environments—a number that has increased over the past two years due to the acceleration of digital transformation efforts required to support a hybrid workforce. While this flexibility and agility enable the remote workforce and faster application delivery, the proliferation of multiple parallel infrastructures has also.

External Penetration Testing: What It Is And Why You Should Care

Heimdal Security

An external penetration test is a type of security assessment that simulates the activities of real-world attackers to assess the resiliency of your organization’s network perimeter. It is widely regarded as one of the first types of assessments that most organizations will undergo, as most are concerned with addressing their Internet-facing weaknesses first.

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Top 4 Kubernetes Open Source Tools You Need in 2023

Security Boulevard

It’s wild to think that 2022 is wrapping up and that many of us are prepping for what’s next in 2023. As the new year fast approaches, it’s time to consider what Kubernetes open source tools you need in 2023. The post Top 4 Kubernetes Open Source Tools You Need in 2023 appeared first on Security Boulevard.

Digital Personal Data Protection Bill 2022 Is Under Discussion in India

Heimdal Security

On Friday, November 18, 2022, the Indian government proposed a new online data protection regulation version. The Digital Personal Data Protection Bill 2022 is the fourth attempt, since 2018, to secure users’ personal data, seek their consent for the information that will be collected, and also disclose the purpose of that data collection. The proposal […].

Supreme Court to Consider Identity Theft Case

Security Boulevard

William Dubin, a licensed psychologist in Austin, Texas, provided psychological services to a youth facility known as Williams House. As part of a kickback scheme with the head of Williams House, Dubin had Williams House employees conduct intake of kids admitted to the facility, and then Dubin claimed that these assessments were done by himself, The post Supreme Court to Consider Identity Theft Case appeared first on Security Boulevard.

What Are the Most Important Tips for Preventing Trade Secret Theft?

Digital Guardian

No matter what form they take, trade secrets can be incredibly valuable to a business. We asked 28 IP experts and business leaders what their most important tips are for keeping them safe.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

CyberStrong’s Cybersecurity Dashboard Capabilities

Security Boulevard

CyberStrong dashboards allow security professionals to aggregate and consolidate data into useful, presentable, easy-to-understand images that visualize cybersecurity posture in real-time. Leaders can see program data from a single pane of glass without relying on disparate reporting functions by taking an integrated risk management approach to cyber security risk management.

New Ransomware Trick: Encrypting Files Then Stealing Discord Accounts

Heimdal Security

AXLocker is a new strain of ransomware discovered in late November 2022. It encrypts the files of victims and demands payment, but it also steals the Discord accounts of infected users—a double-edged sword. How Does The Virus Work? First, AXLocker encrypts your files. The danger of AXLocker is twofold. First, its potential risk is that […]. The post New Ransomware Trick: Encrypting Files Then Stealing Discord Accounts appeared first on Heimdal Security Blog.

4 ways GitOps can help secure your software pipeline

Security Boulevard

The post 4 ways GitOps can help secure your software pipeline appeared first on Security Boulevard.

Daixin Ransomware Gang Steals 5 Million AirAsia Passengers' and Employees' Data

The Hacker News

The cybercrime group called Daixin Team has leaked sample data belonging to AirAsia, a Malaysian low-cost airline, on its data leak portal. The development comes a little over a week after the company fell victim to a ransomware attack on November 11 and 12, per DataBreaches.net.

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!