Fri. Jun 17, 2022


Tracking People via Bluetooth on Their Phones

Schneier on Security

We’ve always known that phones—and the people carrying them—can be uniquely identified from their Bluetooth signatures, and that we need security techniques to prevent that. This new research shows that that’s not enough. Computer scientists at the University of California San Diego proved in a study published May 24 that minute imperfections in phones caused during manufacturing create a unique Bluetooth beacon, one that establishes a digital signature or fingerprint di


Crosspost: A Simple SOAR Adoption Maturity Model

Anton on Security

Originally written for a new Chronicle blog. As security orchestration, automation and response (SOAR) adoption continues at a rapid pace, security operations teams have a greater need for a structured planning approach. My favorite approach has been a maturity model, vaguely modeled on the CMM approach. For example, in my analyst days, I built a maturity model for a SOC (2018), a SIEM deployment (2018) and vulnerability management (2017).


How to back up your Authy app

Tech Republic Security

In this step-by-step guide, learn how to enable the backup feature within the two-factor authentication application Authy. The post How to back up your Authy app appeared first on TechRepublic.


HIPAA FAIL: ~33% of Hospital Websites Send PII to Facebook

Security Boulevard

A study shows many U.S. hospitals are leaking personal information to Facebook. Experts say it’s a HIPAA violation. The post HIPAA FAIL: ~33% of Hospital Websites Send PII to Facebook appeared first on Security Boulevard.


IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.


How to fix the four biggest problems with failed VPN connections

Tech Republic Security

Is your VPN connected but not working? Learn four of the biggest trouble areas with VPN connections and how you can fix them today. The post How to fix the four biggest problems with failed VPN connections appeared first on TechRepublic.


Interpol arrests 2000 criminals launching social engineering attacks

CyberSecurity Insiders

In what appears as an operation first of its kind, Interpol has arrested over 2000 criminals who launched social engineering attacks worldwide. The operation to nab thousands of cyber criminals at a time was named ‘First Light 2022’ and was performed with the coordination of police forces from about 76 countries. Social engineering attacks are crimes that involve business email compromise, job scams, X-rated scams using beautiful faces of women, mainly models, telephone scams, money laundering,

More Trending


Resurgence of Voicemail-themed Phishing Attacks Targeting Key Industry Verticals in US

Security Boulevard

Summary. Since May 2022, ThreatLabz has been closely monitoring the activities of a threat actor which targets users in various US-based organizations with malicious voicemail-notification-themed emails in an attempt to steal their Office365 and Outlook credentials. The tactics, techniques, and procedures (TTPs) of this threat actor have a high overlap with a previous voicemail campaign that ThreatLabz analyzed in July 2020.


Microsoft: June Windows updates may break Wi-Fi hotspots

Bleeping Computer

Microsoft is investigating a newly acknowledged issue causing connectivity issues when using Wi-Fi hotspots after deploying Windows updates released during the June 2022 Patch Tuesday. […]


Apps on Google Play Store with in-built Adware

CyberSecurity Insiders

Security researchers from Dr. Web have discovered in their latest study that many of the applications hosted in the Google Play Store were loaded with adware and info-stealing malicious software. The most concerning info about these apps is the fact that some applications also have the potential to steal information from other apps such as OTPs received on Gmail or the SMS app on an Android phone.


Cisco says it won’t fix zero-day RCE in end-of-life VPN routers

Bleeping Computer

Cisco advises owners of end-of-life Small Business RV routers to upgrade to newer models after disclosing a remote code execution vulnerability that will not be patched. […]


Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.


Chinese DriftingCloud APT exploited Sophos Firewall Zero-Day before it was fixed

Security Affairs

China-linked threat actors exploited the zero-day flaw CVE-2022-1040 in Sophos Firewall weeks before it was fixed by the security vendor. Volexity researchers discovered that the zero-day vulnerability, tracked as CVE-2022-1040, in Sophos Firewall was exploited by Chinese threat actors to compromise a company and cloud-hosted web servers it was operating.


Big tech platforms sign up to the EU Commission’s new Code of Practice on Disinformation

CSO Magazine

Major technology platforms have joined 34 signatories in committing to the EU Commission’s attempts to fight online disinformation by removing financial incentives and empowering researchers and fact checkers.


NinjaForms WordPress plugin, actively exploited in wild, receives forced security update

Graham Cluley

A critical vulnerability in a WordPress plugin used on over one million websites has been patched, after evidence emerged that malicious hackers were actively exploiting it in the wild.


Cybersecurity Insights with Contrast CISO David Lindner | 6/17

Security Boulevard

Insight #1. "Incremental and measurable improvement over time is the key to a successful security program." Insight #2. "If you sell a product or service, and in selling that product or service you are charging more for basics like API or audit log access, I urge you to rethink your strategy. Providing security visibility in your products will only strengthen your relationship with your customers and provide them with the tools they need to monitor usage and perform incident investigatio


Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?


June Windows updates break Microsoft 365 sign-ins on Arm devices

Bleeping Computer

Microsoft is investigating a new known issue causing Azure Active Directory and Microsoft 365 sign-in issues on Arm devices after deploying the June 2022 Windows updates. […]


Article 1/5: Stop Using VPNs and IP Whitelists to Secure Access to SaaS Applications

Security Boulevard

Co-author: Den Jones. Do your employees complain about needing to use their corporate VPNs to access SaaS applications such as Microsoft Office 365, Google Workspace and Salesforce? Does your enterprise security model require backhauling traffic destined for SaaS applications through corporate VPN gateways or concentrators? Is your IT operations team constantly configuring and updating IP […].


What Is a Threat Intelligence Platform?

Heimdal Security

Huge volumes of data, a scarcity of analysts, and rapidly evolving cyber threats characterize today’s cybersecurity landscape’s challenges. There are many tools available to manage this data in current security infrastructures, but there aren’t many vendors that offer integration between them. This converts to a gargantuan engineering effort to manage systems, as well as a […].


Why You Need CIS Controls for Effective Cyber Defense

Security Boulevard

The Center for Internet Security (CIS) is a non-profit organization that helps public sectors and private sectors improve their cybersecurity. The organization aims to help small, medium, and large organizations defend themselves against cyber threats and create an unbreakable cyber defense. The post Why You Need CIS Controls for Effective Cyber Defense appeared first on Security Boulevard.


From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.


Microsoft: BlackCat Ransomware Group Targets Vulnerable Microsoft Exchange Servers

Heimdal Security

According to Microsoft, the BlackCat ransomware group is gaining access to targeted networks by exploiting unpatched Exchange server security flaws. After gaining access, the threat actors quickly began collecting data about the infected systems, followed by credential theft and lateral movement activities, intellectual property gathering, and delivering the ransomware payload.


Survey: Maintaining Cybersecurity Balance is a Challenge

Security Boulevard

A survey of 1,007 IT decision-makers at small-to-medium enterprises (SMEs) found two-thirds of respondents (66%) conceded that adding security measures resulted in more cumbersome user experiences. The survey polled SMEs in the U.S. and United Kingdom and was conducted by JumpCloud, a provider of IT management tools. Despite that issue, however, most respondents (56%) said.


New MaliBot Android Malware Mines Cryptocurrency

Heimdal Security

MaliBot can steal screenshots, intercept notifications and SMS messages, log boot operations, and provide its operators with remote control capabilities using a VNC system. The operators are granted the ability to travel between displays through VNC, as well as scroll, take screenshots, copy and paste material, swipe, and conduct long pushes. In addition, the […].


RiskLens Adds New APIs for Risk Registers and Other Reporting Tools

Security Boulevard

Today, we’re announcing new APIs and export capabilities for the RiskLens platform, part of our ongoing program to integrate quantitative risk analysis and reporting with the tools most familiar and convenient for our clients, such as executive dashboards, IRMs, GRCs, analytics products and other systems of record. The post RiskLens Adds New APIs for Risk Registers and Other Reporting Tools appeared first on Security Boulevard.


Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.


Friday Five 6/17

Digital Guardian

In this week’s Friday Five, read how ransomware criminals are making use of a kids’ game, how Apple devices everywhere may be affected by a hardware vulnerability, and much more.


Russian Disinformation Evolving Across the Globe | Avast

Security Boulevard

Authors: Sadia Afroz and Vibhor Sehgal. On February 24, a conspiracy theory emerged that Russia attacked Ukraine to destroy a clandestine U.S. weapons program. This narrative, started by a QAnon follower on Twitter, quickly became one of the “official” reasons for invading Ukraine. The Russian Embassy in Sarajevo posted on Facebook about it. Since then, media networks in other countries – including China, India, and the US – started boosting the Biolabs conspiracy theory to millions of inte


Top 5 Front-End Frameworks Web Developers Should Consider

SecureBlitz

Web development is aimed at building responsive websites and speeding up development procedures. Check out the best web development. The post Top 5 Front-End Frameworks Web Developers Should Consider appeared first on SecureBlitz Cybersecurity.


This Week in Malware: killing Windows Defender with an npm package

Security Boulevard

This Week in Malware, highlights include malicious npm package 'flame-vali' that claims to let developers "bypass any request proxys." But that's not quite the case. And, some more dependency confusion packages caught by us. The post This Week in Malware: killing Windows Defender with an npm package appeared first on Security Boulevard.


ERM Program Fundamentals for Success in the Banking Industry

Speaker: William Hord, Senior VP of Risk & Professional Services

Enterprise Risk Management (ERM) is critical for industry growth in today’s fast-paced and ever-changing risk landscape. When building your ERM program foundation, you need to answer questions like: Do we have robust board and management support? Do we understand and articulate our bank’s risk appetite and how that impacts our business units? How are we measuring and rating our risk impact, likelihood, and controls to mitigate our risk?


How to spot malicious spam – Week in security with Tony Anscombe

We Live Security

As the risk of receiving a malware-laden email increases, take a moment to consider how to spot attacks involving malicious spam. The post How to spot malicious spam – Week in security with Tony Anscombe appeared first on WeLiveSecurity.


The Complete Guide to XACML

Heimdal Security

XACML stands for “extensible access control markup language” and is used as a technique of fine-grain authorization because of its flexibility. The XACML standard defines not only a language for access control policies but also a language for request and response as well as a reference architecture. Access control policies may be expressed via the […].


Atlassian Confluence Server Bug Under Active Attack to Distribute Ransomware

Dark Reading

Most of the attacks involve the use of automated exploits, security vendor says.


QNAP 'thoroughly investigating' new DeadBolt ransomware attacks

Bleeping Computer

Network-attached storage (NAS) vendor QNAP once again warned customers on Friday to secure their devices against a new campaign of attacks pushing DeadBolt ransomware. […]


Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

So, you’ve accomplished an organization-wide SaaS adoption. It started slow, and now just a few team members might be responsible for running Salesforce, Slack, and a few other applications that boost productivity, but it’s all finished. Or is it? Through all the benefits offered by SaaS applications, it’s still a necessity to onboard providers as quickly as possible.