Wed.Apr 28, 2021

Welcoming the Luxemburg Government CERT to Have I Been Pwned

Troy Hunt

Continuing my efforts to make more breach data available to governments after data breaches impact their domains, I'm very happy to welcome Luxemburg aboard Have I Been Pwned. More specifically, the CERT of the Grand Duchy of Luxemburg (govcert.lu) now has free API level access to query their national government domains. This now brings the government count to 14 and I look forward to welcoming more national CERTs in the future.

Prisma Cloud can now automatically protect cloud workloads and containers

Tech Republic Security

Palo Alto Networks' cloud-native security suite is getting a bundle of new features to automate VM security and add malware protection to CI/CD workflows, among others.

What Are You NOT Detecting?

Anton on Security

What are you not detecting? OK, what threats are you NOT detecting? Still didn’t help? What I mean here is: are you thinking about these: Threats that you don’t need to detect due to your risk profile, your threat assessment, etc. Threats that you do need to detect, but don’t know how.

How phishing attacks spoofing Microsoft are evading security detection

Tech Republic Security

The phishing emails use a Microsoft logo within an HTML table, which is not analyzed by security programs, says Inky.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Cancer Treatment across United States halted by Cyber Attack

CyberSecurity Insiders

Cancer treatment services across the United States have taken a big hit as a cyber attack is said to have disrupted the software services operating in the High-tech radiation machines used to treat the malign disease. Elekta is the company in discussion that was hit by a cyber attack and as it supplies software meant to operate radiation treatment systems, most of the medical treatments were cancelled or postponed across North America.

Update your Macs! Malware attacks can exploit critical flaws in Apple’s built-in defences

Graham Cluley

Apple has released a brand new update for its macOS Big Sur operating system, and you really should install it. Amongst other fixes, Big Sur 11.3 patches a zero-day vulnerability that could allow an attacker to craft malicious payloads that will not be checked by Gatekeeper, the security check built into Apple's operating system that is supposed to block the execution of software from untrusted sources.

What Docker runtime deprecation means for your Kubernetes

CyberSecurity Insiders

This blog was written by an independent guest blogger. On December 8, 2020, Kubernetes released version 1.20—the third and final release of the popular container orchestration platform in 2020. Kubernetes noted in a blog post that the version contained 42 enhancements. Of those enhancements, 16 entered into alpha, while the remainder moved to beta or graduated to stable at 15 and 11, respectively.

New stealthy Linux malware used to backdoor systems for years

Bleeping Computer

A recently discovered Linux malware with backdoor capabilities has flown under the radar for years, allowing attackers to harvest and exfiltrate sensitive information from compromised devices. […]

Arrest after man replaces official COVID-19 check-in signs with anti-vaxxer QR code

Graham Cluley

Police in South Australia have arrested a man for allegedly tampering with Covid-19 QR codes, replacing them with fake codes that could take the public to anti-vaxxer websites.

Ransomware attack hits Washington, D.C. police department

Tech Republic Security

The attack was reportedly pulled off by the Babuk gang, which has already leaked screenshots of some of the stolen data.

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Etsy-owned musical instrument marketplace Reverb suffers data breach

Hot for Security

The online musical instrument marketplace Reverb has suffered a data breach which has exposed the personal details of 5.6 million users. Security researcher Bob Diachenko, who has a long track record of uncovering databases left unsecured on the internet, came across an unsecured Elasticsearch server earlier this month which allowed anyone to access information about millions of Reverb’s users – no password required.

Watch out! Android Flubot spyware is spreading fast

Malwarebytes

Using a proven method of text messages about missed deliveries, an old player on the Android malware stage has returned for an encore. This time it seems to be very active, especially in the UK where Android users are being targeted by text messages containing a link to a particularly nasty piece of spyware called Flubot. Warning from the National Cyber Security Centre.

Apple's macOS 11.3 fixes a zero-day exploit and includes M1 improvements

Tech Republic Security

The latest update to Apple's Big Sur includes critical security patches, which is why Cory Bohon advises upgrading your macOS devices now.

Bitcoin scammers phish for wallet recovery codes on Twitter

Malwarebytes

We’re no strangers to the Twitter customer support DM slide scam. This is where someone watches an organisation perform customer support on Twitter, and injects themselves into the conversation at opportune moments hoping potential victims don’t notice. This is aided by imitation accounts modelled to look like the genuine organisation’s account.

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

CISA issues guidance on defending against software supply chain attacks

CSO Magazine

The Cybersecurity and Infrastructure Security Agency (CISA) has issued guidance this week following the compromise of the SolarWinds software that affected thousands of entities across the United States and beyond. The guidance took the form of a primer for companies, explaining the nature of the software supply chain and the various access points where supply chain vulnerabilities exist.

Was the email account of Merseyrail’s MD hacked to spread word of ransomware attack?

Graham Cluley

Reports indicate that Merseyrail, the railway network serving Liverpool and the surrounding area, has been hit by the Lockbit ransomware.

Jailbreak or Jail – Is Hacking for the Government A Crime?

Security Boulevard

After the horrific shooting in San Bernardino, California, federal law enforcement officers seized the now-dead suspect’s iPhone, and sought to examine it. However, the phone was “locked” using proprietary hardware and software from Apple. The government sought a court order (under the All Writs Act — an 18th century statute) compelling Apple to develop and.

FBI Speeds Emotet Cleanup by Sharing Over 4 Million Email Addresses on HIBP

Heimdal Security

In another effort to mitigate the effects of the Emotet malware, the Federal Bureau of Investigation has shared 4.3 million email addresses stolen by the botnet with the Have I Been Pwned (HIBP) breach notification site. According to computer security expert and HIBP creator Troy Hunt, the email addresses span a wide range of countries […]. The post FBI Speeds Emotet Cleanup by Sharing Over 4 Million Email Addresses on HIBP appeared first on Heimdal Security Blog.

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.

6 tips for better collaboration between security and cloud teams

CSO Magazine

Better collaboration between cloud engineers and security teams should grow naturally with cloud maturity. You want to get past security being seen as the “department of no” by the cloud team. Such efforts need to come from management and the teams themselves through old-fashioned relationship building, data sharing, and other cross-team efforts. With a little proactivity and cross-team communications, you can break down traditional silos to ensure both teams can best support the other when a br

Veeam offers ransomware protection to Kubernetes containers

CyberSecurity Insiders

Veeam has proudly announced that it is offering ransomware protection to Kubernetes Containers through its v4.0 version of K10 software. The product release is happening through Kasten business and K10 happens to be a cloud based backup and disaster recovery software that offers business continuity to Kubernetes environments. FYI, Kasten was gained by Veeam for $150m in October 2020 and by using its technology, the latter has developed a product named K10 to back up data and applications for

Ransomware group threatens to leak information about police informants

Malwarebytes

One day after a ransomware group shared hacked data that allegedly belonged to the Washington, D.C. Police Department online, the police force for the nation’s capital confirmed it had been breached. “We are aware of unauthorized access on our server,” the Metropolitan Police Department—the official title of the DC police—said on Tuesday.

Experian API Exposed Credit Scores of Most Americans

Security Boulevard

Big-three consumer credit bureau Experian just fixed a weakness with a partner website that let anyone look up the credit score of tens of millions of Americans just by supplying their name and mailing address, KrebsOnSecurity has learned. Experian says it has plugged the data leak, but the researcher who reported the finding says he fears the same weakness may be present at countless other lending websites that work with the credit bureau.

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.

F5 BIG-IP Found Vulnerable to Kerberos KDC Spoofing Vulnerability

The Hacker News

Cybersecurity researchers on Wednesday disclosed a new bypass vulnerability in the Kerberos Key Distribution Center (KDC) security feature impacting F5 Big-IP application delivery services.

Retailer DeinDeal Secures its API-driven E-commerce Platform with Salt Security

Security Boulevard

Salt Security protects mobile and web applications for DeinDeal as it expands offerings and partnerships PALO ALTO, Calif. – April 28, 2021 – Salt Security, the leading API security company, today announced that DeinDeal, a leading Swiss e-commerce retailer, has deployed the Salt Security API Protection Platform to secure the APIs driving its mobile and.

Cybercriminals Widely Abusing Excel 4.0 Macro to Distribute Malware

The Hacker News

Threat actors are increasingly adopting Excel 4.0 documents as an initial stage vector to distribute malware such as ZLoader and Quakbot, according to new research. The findings come from an analysis of 160,000 Excel 4.0 documents between November 2020 and March 2021, out of which more than 90% were classified as malicious or suspicious.

3 ways to prevent firmware attacks without replacing systems

CSO Magazine

A recent security post warned that firmware attacks are on the rise. They cited a survey of 1,000 cybersecurity decision makers at enterprises across multiple industries in the UK, US, Germany, Japan, and China finding that 80% of firms have experienced at least one firmware attack in the past two years. However, only 29% of security budgets has been allocated to protect firmware.

ERM Program Fundamentals for Success in the Banking Industry

Speaker: William Hord, Senior VP of Risk & Professional Services

Enterprise Risk Management (ERM) is critical for industry growth in today’s fast-paced and ever-changing risk landscape. When building your ERM program foundation, you need to answer questions like: Do we have robust board and management support? Do we understand and articulate our bank’s risk appetite and how that impacts our business units? How are we measuring and rating our risk impact, likelihood, and controls to mitigate our risk?

Attention! FluBot Android Banking Malware Spreads Quickly Across Europe

The Hacker News

Attention, Android users! A banking malware capable of stealing sensitive information is "spreading rapidly" across Europe, with the U.S. likely to be the next target. According to a new analysis by Proofpoint, the threat actors behind FluBot (aka Cabassous) have branched out beyond Spain to target the U.K., Germany, Hungary, Italy, and Poland.

APT Security: What You Need to Know about Advanced Persistent Threats

Heimdal Security

APT security is a concept that describes the preventive measures any company should take to avoid advanced persistent threats (APTs). Read on to find out how an APT attack works, what are the clues that indicate your network might be compromised and what you can do to avoid the danger. APT Security: Definition According to […]. The post APT Security: What You Need to Know about Advanced Persistent Threats appeared first on Heimdal Security Blog.

FBI Offers Millions of Emotet Compromised Credentials to Have I Been Pwned

Hot for Security

The FBI has offered millions of passwords obtained from seized Emotet malware domains to HIBP (Have I Been Pwned) to make it easier to alert impacted users and companies. Law enforcement took down most of the Emotet infrastructure in one of the most significant collaborative efforts, gathering authorities from Netherlands, Germany, the United States, the United Kingdom, France, Lithuania, Canada and Ukraine, with international activity coordinated by Europol and Eurojust.

Naikon APT group uses new Nebulae backdoor in attacks aimed at military orgs

Security Affairs

China-linked APT Naikon employed a new backdoor in multiple cyber-espionage operations targeting military organizations from Southeast Asia in the last 2 years. The Naikon APT group is a China-linked cyber espionage group that has been active at least since 2010 and that remained under the radar since 2015 while targeting entities in Asia-Pacific (APAC) region.

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

So, you’ve accomplished an organization-wide SaaS adoption. It started slow, and now just a few team members might be responsible for running Salesforce, Slack, and a few others applications that boost productivity, but it’s all finished. Or is it? Through all the benefits offered by SaaS applications, it’s still a necessity to onboard providers as quickly as possible.