Tue. Jan 19, 2021


Injecting a Backdoor into SolarWinds Orion

Schneier on Security

Crowdstrike is reporting on a sophisticated piece of malware that was able to inject malware into the SolarWinds build process. Key points: SUNSPOT is StellarParticle’s malware used to insert the SUNBURST backdoor into software builds of the SolarWinds Orion IT management product. SUNSPOT monitors running processes for those involved in compilation of the Orion product and replaces one of the source files to include the SUNBURST backdoor code.


New AI software can turn regular security cameras into COVID-19 policy enforcement points

Tech Republic Security

Now being trialed in the Georgia smart city of Peachtree Corners, the new tech can pick up on people standing too close together and detect whether someone is wearing a mask.


New Intel CPU-level threat detection capabilities target ransomware

CSO Magazine

Security vendors can now leverage new telemetry and machine learning processing capabilities built into Intel's 11th Gen mobile processors to better detect and block sophisticated ransomware programs that attempt to evade traditional detection techniques. The features are built into Intel Core CPUs designed for businesses that include the vPro feature set.


FBI warns of voice phishing attacks targeting employees at large companies

Tech Republic Security

Using VoIP calls, the attackers trick people into logging into phishing sites as a way to steal their usernames and passwords.


The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.


Raindrop, a fourth malware employed in SolarWinds attacks

Security Affairs

Security experts from Symantec revealed that the threat actors behind the SolarWinds supply chain attack leveraged a malware named Raindrop for lateral movement and for deploying additional payloads. Raindrop is the fourth piece of malware discovered while investigating the SolarWinds attack, after SUNSPOT, the Sunburst/Solorigate backdoor and the Teardrop tool.


10 trends shaping the security industry in 2021

Tech Republic Security

Increased use of edge computing could "put AI everywhere," according to Hikvision's trends roundup.


The aftermath of the SolarWinds breach: Organizations need to be more vigilant

Tech Republic Security

Security experts say organizations are implementing, and should implement, a number of changes, ranging from how they vet vendors to how they handle application updates.


4 Intriguing Email Attacks Detected by AI in 2020

Dark Reading

Here's to the sneakiest of the sneaky. These clever phishing messages -- that standard validation measures often missed -- deserve proper dishonor.


How to enable enhanced randomized MAC addresses on Android

Tech Republic Security

Android 11 allows users to enable enhanced Wi-Fi MAC randomization. Jack Wallen shows you how.



IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.


5 Data Breaches You May Have Missed

Identity IQ

The news cycle has been dominated by the COVID-19 pandemic, the presidential election, nationwide protests and a whole lot more. With all that transpired over the last few months, and even with the SolarWinds cyberattack making headlines, it might be easy to forget that data breaches and hacks continue to expose the personal information of millions.


Everything You Need to Know About Web Socket Pentesting

Appknox

What is WebSocket? WebSocket is a bi-directional, full-duplex communications protocol initiated over an HTTP handshake. It is commonly used in modern web applications for streaming data, chat applications, and other asynchronous traffic. Under this protocol the client and server can send messages simultaneously over the same channel.


Malwarebytes’ email systems hacked by SolarWinds attackers

Security Affairs

Cyber security firm Malwarebytes announced that the threat actor behind the SolarWinds attack also breached its network last year and gained access to some of its email. Malwarebytes joins the club of security firms hit by the SolarWinds attackers, after FireEye, Microsoft, and CrowdStrike.


Flaws in widely used dnsmasq software leave millions of Linux-based devices exposed

CSO Magazine

Security researchers have found several serious vulnerabilities in dnsmasq, a utility used in many Linux-based systems, especially routers and other IoT devices, to provide DNS services. Attackers can exploit the flaws to redirect users to rogue websites when trying to access legitimate ones or to execute malicious code on vulnerable devices.


Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.


Improving Your Security Posture with the Pipeline Cybersecurity Initiative

The State of Security

A few years ago, I worked alongside some oil commodity traders. Environmental concerns aside, I never realized how many parts were required to get the oil out of the ground, not to mention everything else that finally resulted in the production of refined products that surround our lives. As a cybersecurity professional, I was more interested […]


DNSpooq Flaws Allow DNS Hijacking of Millions of Devices

Threatpost

Seven flaws in open-source software Dnsmasq could allow DNS cache poisoning attacks and remote code execution.


Azure AD: Auto Validate Exposed Credentials

Digital Shadows

SearchLight customers can now automatically validate credential alerts via an integration with Azure AD, drastically reducing the time required to.


Visier Delivers on Commitment to Data Protection & Compliance Through TrustArc International Privacy Verification

TrustArc

External Verification Demonstrates Visier’s Commitment to Upholding Internationally Recognized Global Privacy Principles and Standards. TrustArc was chosen by Visier for International Privacy Verification. Visier, the recognized leader in people analytics and planning, leverages complex people data to predict employment trends and inform HR decisions.


Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.


Investigation into PlugX Uncovers Unique APT Technique

Trend Micro

Through Apex One with Endpoint Sensor (iES), we discovered an APT attack in which an attacker used sophisticated techniques in an attempt to exfiltrate sensitive information from a company.


SolarWinds Attack Underscores 'New Dimension' in Cyber-Espionage Tactics

Dark Reading

Meanwhile, Malwarebytes is the latest victim, Symantec discovers a fourth piece of malware used in the massive attack campaign, and FireEye Mandiant releases a free tool to help spot signs of the attack.


FBI warns of voice phishing attacks stealing corporate credentials

We Live Security

Criminals coax employees into handing over their access credentials and use the login data to burrow deep into corporate networks.


BrandPost: Threat Intel: Analyzing the SolarWinds Attack

CSO Magazine

The SolarWinds Orion SUNBURST backdoor is a sophisticated attack that creates a challenging problem for threat hunters (and data scientists) to solve. The attack has had a large impact through its clever design, and we can assume that we haven't seen the full extent of damage yet. It is worth deconstructing the available data for more indicators of compromise that might add valuable threat intelligence to the security community for future attacks.


5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.


Vishing attacks conducted to steal corporate accounts, FBI warns

Security Affairs

The Federal Bureau of Investigation (FBI) has published a Private Industry Notification (PIN) warning of ongoing vishing attacks aimed at stealing corporate accounts and credentials from US and international employees.


Linux Devices Under Attack by New FreakOut Malware

Threatpost

The FreakOut malware is adding infected Linux devices to a botnet, in order to launch DDoS and cryptomining attacks.


BrandPost: Analyzing a Supply Chain Attack to Improve Threat Protection

CSO Magazine

The SolarWinds Orion SUNBURST supply chain attack has rocked the confidence of security teams across all industries. In this blog, Todd Kemmerling, Director of Data Science at ExtraHop, reconstructs the timeline of the attack over the past 9+ months and provides insights about how to improve threat detection in the future. A forensic examination of SUNBURST before detection.


$332 Million in GDPR Fines Issued to Date

Digital Guardian

The figure, about 272.5 million euros, corresponds to 281,000 data breach notifications issued by regulators across Europe since GDPR went into effect.


Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?”


BrandPost: How Managed Security Services Help You Get More from Your Existing PCs

CSO Magazine

Cyberattacks are on the rise, and endpoints such as PCs are a frequent target. With nearly all employees now working from home, PCs are their main connection to the work environment and crucial to remaining productive. Any cyberthreat that compromises or takes down a user’s computer means, at the very least, a loss of productivity. Yet employees are human, and humans are known to miss threats and fall victim to phishing attacks, including the rising number that use COVID data as a lure.


Vulnerabilities in Popular DNS Software Allow Poisoning

Dark Reading

Seven flaws in DNSMasq have limited impact, but in combination they could be chained to create a multistaged attack.


BrandPost: Episode 2: Empowering employees to be secure and productive

CSO Magazine

When it comes to protecting your business, security is a team sport. Criminal hackers – increasingly sophisticated and persistent – are playing offense, trying to find weak spots to breach an organization. And everyone in your organization – from management to front-line employees – is part of the defense team. But those team players can also be the biggest challenge, because to keep things secure, security teams must put up guardrails.


Microsoft to Launch 'Enforcement Mode' for Zerologon Flaw

Dark Reading

Enforcement mode for the Netlogon Domain Controller will be enabled by default with the Feb. 9 security update.


From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things – and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be possible to distill it down to a checklist.