Schneier on Security
JUNE 29, 2022
Someone hacked the Ecuadorian embassy in Moscow and found a document related to Ecuador’s 2013 efforts to bring Edward Snowden there. If you remember, Snowden was traveling from Hong Kong to somewhere when the US revoked his passport, stranding him in Russia. In the document, Ecuador asks Russia to provide Snowden with safe passage to come to Ecuador.
Tech Republic Security
JUNE 29, 2022
While it is common belief that there is not much that can be done to locate remote servers hosted using the Tor network, a new research reveals it is possible to de-anonymize some and uses ransomware domains hosted on the Dark Web as examples. The post How to de-anonymize fraudulent Tor web servers appeared first on TechRepublic.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
eSecurity Planet
JUNE 29, 2022
Cybersecurity researchers have found more than 900,000 instances of Kubernetes consoles exposed on the internet. Cyble researchers detected misconfigured Kubernetes instances that could expose hundreds of thousands of organizations. The researchers found a number of indicators of exposure in the open source container orchestration platform: KubernetesDashboard Kubernetes-master Kubernetes Kube K8 Favicon:2130463260, -1203021870.
Cisco Security
JUNE 29, 2022
Insights from the RSA Conference and Cisco Live. What is it that customers truly want from their security? Is it simplicity? Robust protection? Agility and flexibility? Yes! In today’s uncertain world where new challenges are being thrown at IT teams each day, security must meet many diverse needs. At the end of the day, it’s about keeping the entire business resilient despite the chaos of the cyber world. .
Speaker: Erroll Amacker
Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.
Graham Cluley
JUNE 29, 2022
The FBI has warned that, in an attempt to gain access to sensitive data at organisations, crooks are using deepfake video when applying for remote working-at-home jobs.
Cisco Security
JUNE 29, 2022
This article was coauthored by Dan Maunz and Ryan Morrow, both Security Program Managers in the Security & Trust Organization at Cisco. The purpose of this document is to provide the reader with a high-level overview of cloud delivery models, introduce the different deployment scenarios in which cloud services can be operated in, and highlight the risks to an organization when deploying and operating a cloud environment.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
|
Heimadal Security
JUNE 29, 2022
Evilnum is a sophisticated persistent threat that has been active since at least 2018, although its campaign and tools were just recently discovered in the year 2020. This means that Evilnum has been operating for at least two years. Emails containing links to ZIP files stored on Google Drive are sent to potential victims as […]. The post Evilnum Hackers Return appeared first on Heimdal Security Blog.
Malwarebytes
JUNE 29, 2022
Google’s Threat Analysis Group (TAG) has revealed a sophisticated spyware activity involving ISPs (internet service providers) aiding in downloading powerful commercial spyware onto users’ mobile devices. The spyware, dubbed Hermit, is reported to have government clients much like Pegasus. Italian vendor RCS Labs developed Hermit. The spyware was spotted in Kazakhstan (to suppress protests against government policies), Italy (to investigate those involved in an anti-corruption case),
CSO Magazine
JUNE 29, 2022
The number of zero-days exploited in the wild has been high over the past year and a half, with different kinds of actors using them. These vulnerabilities, which are unknown to the software maker, are leveraged by both state-sponsored groups and ransomware gangs. During the first half of this year, Google Project Zero counted almost 20 zero-days, most of which target products built by Microsoft, Apple and Google, with browsers and operating systems taking up large chunks.
Dark Reading
JUNE 29, 2022
Microsoft is urging organizations that don't have automatic updates enabled to update to the latest version of Linux Server Fabric to thwart the "FabricScape" cloud bug.
Advertisement
Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.
Heimadal Security
JUNE 29, 2022
COPENHAGEN, June 29th, 2022 – Heimdal™ Security announced it has been included in the 2022 G2 Summer Reports Niche Quadrant in the Patch Management and Antivirus categories. Determined by customer satisfaction and scale (based on market share, vendor size, and social impact), the 2022 G2 Summer Reports ranks vendors into – Leaders, High Performers, Contenders, and […].
Malwarebytes
JUNE 29, 2022
In the continued saga of annoying search extensions we have a new end-of-level boss. Victims have been reporting browser extensions that were removed by Malwarebytes, but “magically” came back later. Since the victims also complained about the message saying their browser was “managed”, we had a pretty good idea where to look. custom search bar is one of the forced extensions.
Trend Micro
JUNE 29, 2022
We look into a recent attack orchestrated by the Black Basta ransomware ransomware group that used the banking trojan QakBot as a means of entry and movement and took advantage of the PrintNightmare vulnerability to perform privileged file operations.
Jane Frankland
JUNE 29, 2022
In last week’s newsletter (edition 3), I wrote about being you in the workplace and some of the difficulties that women in cyber face. I told you we have a saying at The Source , my new initiative for women in cyber and businesses who value them, but today I want to let you know about another saying we have. It’s, “No blame. No shame.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
Dark Reading
JUNE 29, 2022
External attacks focused on vulnerabilities are still the most common ways that companies are successfully attacked, according to incident data.
Security Affairs
JUNE 29, 2022
Researchers detailed a new information-stealing malware, dubbed YTStealer, that targets YouTube content creators. Intezer cybersecurity researchers have detailed a new information-stealing malware, dubbed YTStealer, that was developed to steal authentication cookies from YouTube content creators. The malware is highly likely available as a service on the Dark Web.
Dark Reading
JUNE 29, 2022
The malware has been in circulation since 2020, with sophisticated, advanced malicious actors taking advantage of the vulnerabilities in SOHO routers as the work-from-home population expands rapidly.
Speaker: Sierre Lindgren
Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.
Security Affairs
JUNE 29, 2022
Researchers discovered a new flaw in RARlab’s UnRAR utility, tracked CVE-2022-30333, that can allow to remotely hack Zimbra Webmail servers. SonarSource researchers have discovered a new vulnerability in RARlab’s UnRAR utility, tracked as CVE-2022-30333, that can be exploited by remote attackers to execute arbitrary code on a system that relies on the binary, like Zimbra webmail servers.
The Security Ledger
JUNE 29, 2022
The blocking and tackling work of scan management is becoming a commodity, writes Lisa Xu, the CEO of NopSec in this Expert Insight. What organizations need now is complete visibility of their IT infrastructure and business applications. The post How Vulnerability Management Has Evolved And Where It’s Headed Next appeared first on The Security. Read the whole entry. » Related Stories Identity Fraud: The New Corporate Battleground State of Modern Application Security: 6 Key Takeaways For 202
Security Affairs
JUNE 29, 2022
The MITRE organization published the 2022 CWE Top 25 most dangerous software weaknesses. The MITRE shared the list of the 2022 top 25 most common and dangerous weaknesses, it could help organizations to assess internal infrastructure and determine their surface of attack. The presence of these vulnerabilities within the infrastructure of an organization could potentially expose it to a broad range of attacks. “Welcome to the 2022 Common Weakness Enumeration (CWE ) Top 25 Most Dangerous Sof
We Live Security
JUNE 29, 2022
War in Europe, a reminder for shared service centers and shoring operations to re-examine IT security posture. The post Do back offices mean backdoors? appeared first on WeLiveSecurity.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Security Affairs
JUNE 29, 2022
The RansomHouse gang claims to have breached the Chipmaker giant AMD and stole 450 GB of data from the company in 2021. The RansomHouse extortion gang claims to have stolen 450 GB of data from the chipmaker giant AMD in 2021 and threatens to leak it or sell it if the company will not pay the ransom. The company has been added this week to the gang’s dark web leak site: According to BleepingComputer , a RansomHouse partners has breached the network of AMD a year ago, but the leak site repor
SecureWorld News
JUNE 29, 2022
The sequel to Stuxnet? A cyberattack this week has put Iranian steel manufacturing in the crosshairs. A hacking group by the name of Gonjeshke Darande (Farsi for Predatory Sparrow) hit the networks of three of Iran's largest steel companies: Khouzestan Steel, Hormozgan Steel, and Mobarakeh Steel. The group announced its attack on June 26th in a tweet, with video footage from inside a steel manufacturing plant showing the explosive kinetic consequences.
The Hacker News
JUNE 29, 2022
Cybersecurity researchers from Palo Alto Networks Unit 42 disclosed details of a new security flaw affecting Microsoft's Service Fabric that could be exploited to obtain elevated permissions and seize control of all nodes in a cluster. The issue, which has been dubbed FabricScape (CVE-2022-30137), could be exploited on containers that are configured to have runtime access.
Security Boulevard
JUNE 29, 2022
It’s become a bit of a cliché, saying that the pandemic created a “new normal” for all of us. But the reality is, the pandemic did introduce new ways of living and working. Employees are demanding more flexible workplaces with a stronger focus on work-life balance than before the pandemic, and organizations are trying their … Continued. The post Building Visibility into Hybrid Workplaces: Tips for Minimizing Employee Burnout appeared first on DTEX Systems Inc.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
The Hacker News
JUNE 29, 2022
A new security vulnerability has been disclosed in RARlab's UnRAR utility that, if successfully exploited, could permit a remote attacker to execute arbitrary code on a system that relies on the binary. The flaw, assigned the identifier CVE-2022-30333, relates to a path traversal vulnerability in the Unix versions of UnRAR that can be triggered upon extracting a maliciously crafted RAR archive.
SecureWorld News
JUNE 29, 2022
Businesses have had to adapt significantly in the past few years, with the COVID-19 pandemic not only playing havoc with supply chains but also modifying the way that employees do their jobs. Perhaps the most obvious and universal change that we have seen is the move to working from home and other types of flexible working. Indeed, this change has had a knock-on effect where it is now far more common for individuals to use their own devices to carry out company work.
The Hacker News
JUNE 29, 2022
Cybersecurity researchers have documented a new information-stealing malware that targets YouTube content creators by plundering their authentication cookies. Dubbed "YTStealer" by Intezer, the malicious tool is likely believed to be sold as a service on the dark web, with it distributed using fake installers that also drop RedLine Stealer and Vidar.
Security Boulevard
JUNE 29, 2022
New variants of the Black Basta ransomware are now emerging in the wild and routinely turning up in our global honeypots. According to online reports, Black Basta has managed to make many victims pay a ransom across US, Singapore, UAE, UK, India, and Australia since it was first discovered in the wild in February 2022. […]. The post Black Basta ransomware is mutating, and this has several implications appeared first on Security Boulevard.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Expert insights. Personalized for you.
232 
Let's personalize your content