Tue. May 11, 2021

AI Security Risk Assessment Tool

Schneier on Security

Microsoft researchers just released an open-source automation tool for security testing AI systems: “Counterfit.” Details on their blog.

Risk 304
Microsoft Patch Tuesday, May 2021 Edition

Krebs on Security

Microsoft today released fixes to plug at least 55 security holes in its Windows operating systems and other software. Four of these weaknesses can be exploited by malware and malcontents to seize complete, remote control over vulnerable systems without any help from users. On deck this month are patches to quash a wormable flaw, a creepy wireless bug, and yet another reason to call for the death of Microsoft’s Internet Explorer (IE) web browser.

Wireless 261
RSAC insights: SolarWinds hack illustrates why software builds need scrutiny — at deployment

The Last Watchdog

By patiently slipping past the best cybersecurity systems money can buy and evading detection for 16 months, the perpetrators of the SolarWinds hack reminded us just how much heavy lifting still needs to get done to make digital commerce as secure as it needs to be. Related: DHS launches 60-day cybersecurity sprints. Obviously, one change for the better would be if software developers and security analysts paid much closer attention to the new and updated coding packages being assembled and depl

Software 190
Colonial Pipeline attack reminds us of our critical infrastructure's vulnerabilities

Tech Republic Security

Cybersecurity expert discusses the many ways attackers could have gotten access to the Colonial Pipeline company and reminds us why the threat always looms.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Your Security Awareness Training Isn’t Working

Security Boulevard

Humans are the biggest risk to an organization’s cybersecurity posture, and it might be a bigger risk than many realize. According to research from Elevate Security, human behavior had a direct role in 88% of total losses in the largest cybersecurity incidents over the past five years and about two-thirds of major data breaches are. The post Your Security Awareness Training Isn’t Working appeared first on Security Boulevard.

The many sides of DarkSide, the group behind the Colonial pipeline ransomware attack

Tech Republic Security

Though it likes to promote itself as being "philanthropic," the DarkSide gang represents a dangerous threat to organizations around the world.

More Trending

Our infrastructure is more vulnerable than we realized, Colonial Pipeline attack shows

Tech Republic Security

Expert says there are several ways the hackers may have gotten access and how we can possibly prevent these attacks in the future.

157
Hackers Leverage Adobe Zero-Day Bug Impacting Acrobat Reader

Threatpost

A patch for Adobe Acrobat, the world’s leading PDF reader, fixes a vulnerability under active attack affecting both Windows and macOS systems that could lead to arbitrary code execution.

137
Critical Infrastructure Under Attack

Dark Reading

Several recent cyber incidents targeting critical infrastructure prove that no open society is immune to attacks by cybercriminals. The recent shutdown of a key US energy pipeline marks just the tip of the iceberg.

136
Predictive Security Analytics Use Cases

Security Boulevard

The range of predictive security analytics use cases a vendor offers fundamentally defines the maturity. The post Predictive Security Analytics Use Cases appeared first on Gurucul. The post Predictive Security Analytics Use Cases appeared first on Security Boulevard.

132
Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

The DarkSide ransomware gang must be s g itself right now

Graham Cluley

So, what do you do if you're a ransomware gang which has just caught the attention of not just the world's media, but also the FBI and the President of the United States?

WhatsApp will limit features for users who don’t accept new data‑sharing rules

We Live Security

Your account won’t be deleted, but here's what you may want to be aware of if not even repeated reminders to accept the new policy do the trick. The post WhatsApp will limit features for users who don’t accept new data‑sharing rules appeared first on WeLiveSecurity.

Threat Actor Compromised More than 25 Percent of Tor Network Relays, Research Shows

Hot for Security

Unknown actors took control over a quarter of all Tor network relays to launch man-in-the-middle attacks, target bitcoin addresses and much more. Tor is a software that lets users obfuscate their network traffic by routing it automatically through numerous volunteer-operated relays worldwide. That traffic is typically encrypted, so intercepting it is not really an option, but the attacker did something more subtle.

Experts warn of a new Android banking trojan stealing users' credentials

The Hacker News

Cybersecurity researchers on Monday disclosed a new Android trojan that hijacks users' credentials and SMS messages to facilitate fraudulent activities against banks in Spain, Germany, Italy, Belgium, and the Netherlands.

Banking 128
Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

FBI and Australia ACSC agencies warn of ongoing Avaddon ransomware attacks

Security Affairs

The FBI and the Australian Cyber Security Centre (ACSC) warn of an ongoing Avaddon ransomware campaign targeting organizations worldwide. The Federal Bureau of Investigation (FBI) and the Australian Cyber Security Centre (ACSC) are warning of an ongoing Avaddon ransomware campaign targeting organizations worldwide in multiple industries, including government, finance, energy, manufacturing, and healthcare.

Microsoft Outlook bug prevents viewing or creating email worldwide

Bleeping Computer

A Microsoft Outlook update released today for the desktop client introduced bugs that prevent users from creating or viewing mail. [...]

145
Removal of Fraudulent URLs Jumped 15-Fold in 2020, NCSC Says

Hot for Security

In 2020, the National Cyber Security Centre’s (NCSC) Active Cyber Defense (ACD) program managed to curb the online scam economy in a record-breaking takedown of 700,595 scams. The agency’s latest annual report highlights a fifteen-fold increase in campaign takedowns compared to 2019. Nearly 1.5 million URLs were taken down in 2020, including: fake celebrity endorsement scams – 286,213 campaigns taking down 731,080 URLs; fake shops – 139,522 campaigns taking down 222,353 URLs.

Scams 121
DarkSide Wanted Money, Not Disruption from Colonial Pipeline Attack

Threatpost

Statement by the ransomware gang suggests that the incident that crippled a major U.S. oil pipeline may not have exactly gone to plan for overseas threat actors.

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.

Colonial Pipeline attack: What government can do to deter critical infrastructure cybercriminals

SC Magazine

An aerial view of a Colonial Pipeline tank farm. A cyberattack that forced the company to pause operations has cybersecurity experts questioning what tactics the U.S. government can take to deter cybercriminals. (Colonial Pipeline). The cyberattack on the Colonial Pipeline spurred a clear message from the White House Monday that the onus lies with critical infrastructure owners and operators to secure their own networks.

Microsoft May 2021 Patch Tuesday fixes 55 flaws, 3 zero-days

Bleeping Computer

Today is Microsoft's May 2021 Patch Tuesday, and with it comes three zero-day vulnerabilities, so Windows admins will be rushing to apply updates. [...]

137
Hackers target Windows users exploiting a Zero-Day in Reader

Security Affairs

Adobe confirmed that a zero-day vulnerability affecting Adobe Reader for Windows has been exploited in the wild in limited attacks. Adobe security updates for May 2021 address at least 43 CVEs in Experience Manager, InDesign, Illustrator, InCopy, Adobe Genuine Service, Acrobat and Reader, Magento, Creative Cloud Desktop, Media Encoder, Medium, and Animate.

Software 118
Adobe fixes Reader zero-day vulnerability exploited in the wild

Bleeping Computer

Adobe has released a massive Patch Tuesday security update release that fixes vulnerabilities in twelve different applications, including one actively exploited vulnerability in Adobe Reader. [...]

Software 128
Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.

Researcher hacked Apple AirTag two weeks after its launch

Security Affairs

Apple AirTag was launched less than two weeks ago, but a security researcher already claims to have hacked it. The Apple AirTag has been available for just a couple of weeks and the hacking community is already working on it to demonstrate how to compromise it. “The German security researcher Stack Smashing tweeted today (via The 8-bit) that he was able to “break into the microcontroller of the AirTag” and modified elements of the item tracker software.” reported the

Hacking 117
Industrial Cybersecurity: Guidelines for Protecting Critical Infrastructure

The State of Security

Over the weekend, the Alpharetta, GA based Colonial Pipeline was hit by an extensive ransomware attack that shut down its information technology (IT) and industrial operational technology (OT) systems. Simply put, an all-too-common ransomware event targeting IT systems encouraged a voluntary shutdown on the production side (OT) of the business to prevent further exposure.

U.S. Declares Emergency in 17 States Over Fuel Pipeline Cyber Attack

The Hacker News

The ransomware attack against Colonial Pipeline's networks has prompted the U.S. Federal Motor Carrier Safety Administration (FMCSA) to issue a regional emergency declaration in 17 states and the District of Columbia (D.C.).

Avaddon ransomware campaign prompts warnings from FBI, ACSC

Malwarebytes

Both the Australian Cyber Security Centre (ACSC) and the US Federal Bureau of Investigation (FBI) have issued warnings about an ongoing cybercrime campaign that is using Avaddon ransomware. The FBI states that it has received notifications of unidentified cyber actors using Avaddon ransomware against US and foreign private sector companies, manufacturing organizations, and healthcare agencies.

ERM Program Fundamentals for Success in the Banking Industry

Speaker: William Hord, Senior VP of Risk & Professional Services

Enterprise Risk Management (ERM) is critical for industry growth in today’s fast-paced and ever-changing risk landscape. When building your ERM program foundation, you need to answer questions like: Do we have robust board and management support? Do we understand and articulate our bank’s risk appetite and how that impacts our business units? How are we measuring and rating our risk impact, likelihood, and controls to mitigate our risk?

Vulnerability attacks weakness in Microsoft Azure virtual machine extensions

SC Magazine

Researchers at Intezer released details behind a previously undisclosed vulnerability that could allow Microsoft Azure users with low-level privileges to leak private data from any virtual machine extension plugged into their cloud environment. (Photo by Jeenah Moon/Getty Images).

Passwords 113
Google open sources cosign tool for verifying containers

Security Affairs

Google has released a new open-source tool called cosign that could allow administrators to sign and verify container images. The tool was developed to make signatures invisible infrastructure. Cosign supports: hardware and KMS signing; bring-your-own PKI; our free OIDC PKI (Fulcio); built-in binary transparency and timestamping service (Rekor).

Internet 110
Zix tricks: Phishing campaign creates false illusion that emails are safe

SC Magazine

An Office 365 retail pack. (Raysonho @ Open Grid Scheduler / Grid Engine, CC0, via Wikimedia Commons). Researchers last week spotted a phishing campaign that leveraged an online email authentication solution from Zix, in hopes that potential victims would be lulled into a false sense of security. The attack reached 5,000 to 10,000 mailboxes, targeting Office365 users with the goal of stealing their credentials, according to a new blog post today from Abnormal Security.

Phishing 112
What are the Different Types of SSL Certificates Available?

Security Boulevard

While there is no doubt that a Secure Sockets Layer (SSL) certificate is crucial for your website to safeguard against cyberattacks, it could be challenging to choose the right one. The post What are the Different Types of SSL Certificates Available? appeared first on Indusface. The post What are the Different Types of SSL Certificates Available? appeared first on Security Boulevard.

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

So, you’ve accomplished an organization-wide SaaS adoption. It started slow, and now just a few team members might be responsible for running Salesforce, Slack, and a few other applications that boost productivity, but it’s all finished. Or is it? Through all the benefits offered by SaaS applications, it’s still a necessity to onboard providers as quickly as possible.