Thu. Jan 13, 2022

Using Foreign Nationals to Bypass US Surveillance Restrictions

Schneier on Security

Remember when the US and Australian police surreptitiously owned and operated the encrypted cell phone app ANOM? They arrested 800 people in 2021 based on that operation. New documents received by Motherboard show that over 100 of those phones were shipped to users in the US, far more than previously believed. What’s most interesting to me about this new information is how the US used the Australians to get around domestic spying laws: For legal reasons, the FBI did not monitor outgoing me

GUEST ESSAY: JPMorgan’s $200 million in fines stems from all-too-common compliance failures

The Last Watchdog

Last month’s $125 million Securities and Exchange Commission (SEC) fine combined with the $75 million U.S. Commodity Futures Trading Commission (CFTC) fine against JPMorgan sent shockwaves through financial and other regulated customer-facing industries. Related: Why third-party risks are on the rise. According to a SEC release, hefty fines brought against JPMorgan and its subsidiaries were based on “widespread and longstanding failures by the firm and its employees to maintain and preserve writ

Weekly Update 278

Troy Hunt

I recorded this a week after Charlotte appeared with me, fresh out of isolation with a negative COVID test. However, 9 year old Elle had tested positive on Monday (albeit entirely symptomatic, so no idea how long she'd been positive) but hey, hopefully she'd be clear today. Yeah, nah and to top it off, 12 year old Ari was positive. Also entirely asymptomatic (and double-vaxed) so instead of ending today with our freedom, we're ending day 15 of our ongoing isolation in, well, more

New study reveals phishing simulations might not be effective in training users

Tech Republic Security

A new study at unprecedented scale revealed that embedded phishing training in simulations run by organizations doesn't work well. Yet crowd-sourcing phishing detection is.

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Android users can now disable 2G to block Stingray attacks

Bleeping Computer

Google has finally rolled out an option on Android allowing users to disable 2G connections, which come with a host of privacy and security problems exploited by cell-site simulators. [...]

Hackers are posting out malicious USB drives to businesses

Graham Cluley

A notorious cybercrime gang, involved in a series of high profile ransomware attacks, has in recent months been sending out poisoned USB devices to US organisations. Read more in my article on the Tripwire State of Security blog.

More Trending

Making loyalty pay: How to keep your loyalty rewards safe from scammers

We Live Security

Is loyalty fraud on your radar? Here's why your hard-earned reward points and air miles may be easy pickings for cybercriminals.

Microsoft Defender weakness lets hackers bypass malware detection

Bleeping Computer

Threat actors can take advantage of a weakness that affects Microsoft Defender antivirus on Windows to learn locations excluded from scanning and plant malware there. [...]

FBI arrests social engineer who allegedly stole unpublished manuscripts from authors

CSO Magazine

On January 5, 2022, the Department of Justice (DoJ) announced the FBI’s arrest of Italian citizen Filippo Bernardini at JFK International Airport in New York for wire fraud and aggravated identity theft. With the arrest of Bernardini, the DoJ unsealed a grand jury indictment dated July 14, 2021, of Bernardini that revealed a “multi-year scheme to impersonate individuals involved in the publishing industry in order to fraudulently obtain hundreds of prepublication manuscripts of novel and other f

Open Source Sabotage Incident Hits Software Supply Chain

eSecurity Planet

An astonishing incident in recent days highlights the risks of widespread dependence on open source software – while also highlighting the free labor corporations benefit from by using open source software. Marak Squires, an open source coder and maintainer, sabotaged his repository to protest against unpaid work and his failed attempts to monetize faker.js and color.js, two major NPM packages used by a huge range of other packages and projects.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

4 ways cybercriminals hide credential stuffing attacks

CSO Magazine

Credential stuffing is a cyberattack in which exposed usernames and passwords are used to gain fraudulent access to user accounts through large-scale, automated login requests. High account usage, password reuse, and vast volumes of breached credentials on the dark web create the perfect storm for cybercriminals to carry out credential stuffing campaigns, while tactics used by malicious actors make identifying and preventing credential stuffing attempts a significant challenge for organizations.

BreakingFormation: API Vulnerability in the AWS CloudFormation API

Security Boulevard

On January 13th, researchers from Orca Security published a vulnerability found in the AWS CloudFormation API, a service that helps users model and set up their AWS resources. The vulnerability allowed the researchers to get file and credential disclosure primitives on an internal AWS service and leverage these to leak sensitive files found on the CloudFormation vulnerable machines.

The BlueNoroff cryptocurrency hunt is still on

SecureList

BlueNoroff is the name of an APT group coined by Kaspersky researchers while investigating the notorious attack on Bangladesh’s Central Bank back in 2016. A mysterious group with links to Lazarus and an unusual financial motivation for an APT. The group seems to work more like a unit within a larger formation of Lazarus attackers, with the ability to tap into its vast resources: be it malware implants, exploits, or infrastructure.

Why You Need Pentesting-as-a-Service (PtaaS)

Security Boulevard

Cyberattacks have been growing in frequency and severity over the past 10 years and have increased exponentially since the onset of widespread remote and digital work. The pressure is on for organizations to prioritize building and implementing a comprehensive security strategy to avoid becoming the latest cyberattack headline. Proactive, preventative testing is a critical way.

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Windows 'RemotePotato0' zero-day gets an unofficial patch

Bleeping Computer

A privilege escalation vulnerability impacting all Windows versions that can let threat actors gain domain admin privileges through an NTLM relay attack has received unofficial patches after Microsoft tagged it as "won't fix." [...]

Ransomware Detection Through Threat Hunting

Security Boulevard

Ransomware is the most destructive kind of cyber attack due to the massive financial losses it inflicts on organisations worldwide. According to IBM, on average, it takes 280 days to detect any threats in the system. For this reason, experts have always advocated that threat hunting-led ransomware detection and prevention must be rigorously and actively […].

Ukranian police arrests ransomware gang that hit over 50 firms

Bleeping Computer

Ukrainian police officers have arrested a ransomware affiliate group responsible for attacking at least 50 companies in the U.S. and Europe. [...]

Ransomware cyberattack forces New Mexico jail to lock down

Malwarebytes

Five days after the new year, the Metropolitan Detention Center (MDC) in Bernalillo County, New Mexico suddenly went on lockdown. The reason? A ransomware cyberattack has knocked the jail’s internet connection offline, rendering most of their data systems, security cameras, and automatic doors unusable. Prisoners were confined in their cells while MDC technicians struggled to get everything back up and running again.

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

BlueNoroff hackers steal crypto using fake MetaMask extension

Bleeping Computer

The North Korean threat actor group known as 'BlueNoroff' has been spotted targeting cryptocurrency startups with malicious documents and fake MetaMask browser extensions. [...]

Redefining the CISO-CIO Relationship

Dark Reading

While these roles have different needs, drivers, and objectives, they should complement each other rather than compete with one another.

2021 Ransomware Attack Report

Security Boulevard

In 2020 and 2021 BlackFog measured publicly disclosed attacks globally. The 2021 ransomware attack report summarizes these findings and highlights the key trends as we enter 2022.

Analyzing an Old Bug and Discovering CVE-2021-30995

Trend Micro

A vulnerability found in 2021 has been patched and re-patched in the months since it was reported. We analyze the bug and outline the process that led to the discovery of CVE-2021-30995.

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

How to Protect Your Phone from Pegasus and Other APTs

Dark Reading

The good news is that you can take steps to avoid advanced persistent threats. The bad news is that it might cost you iMessage. And FaceTime.

FCC wants new data breach reporting rules for telecom carriers

Bleeping Computer

The Federal Communications Commission (FCC) has proposed more rigorous data breach reporting requirements for telecom carriers in response to breaches that recently hit the telecommunications industry. [...]

Researchers Decrypted Qakbot Banking Trojan’s Encrypted Registry Keys

The Hacker News

Cybersecurity researchers have decoded the mechanism by which the versatile Qakbot banking trojan handles the insertion of encrypted configuration data into the Windows Registry. Qakbot, also known as QBot, QuackBot and Pinkslipbot, has been observed in the wild since 2007.

What is Log4j Vulnerability?

Security Boulevard

The Log4J vulnerability has sounded the cyber-security alarms around the globe. This is a part of the Apache Logging Services, a project of the Apache Software Foundation. Log4J is used.

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Ransomware attack locks down inmates in US Jail

CyberSecurity Insiders

A ransomware attack on a US jail has reportedly locked down inmates in their respective cells, as access to the automated doors has been knocked out completely since January 5th, 2021. The jail in question is the Metropolitan Detention Center, Albuquerque, New Mexico. Reports indicate that the situation is slowly coming under control, thanks to the hard work of the IT staff, who have been working 24/7 to bring operations back to normal.

Security BSides London 2021 – James Bore’s ‘This Is How The World Ends (Not With A Bang, But With A FUD)’

Security Boulevard

Our thanks to Security BSides London for publishing their tremendous videos from the Security BSides London 2021 Conference on the organization’s YouTube channel. Enjoy!

Adobe Cloud Abused to Steal Office 365, Gmail Credentials

Threatpost

Threat actors are creating accounts within the Adobe Cloud suite and sending images and PDFs that appear legitimate to target Office 365 and Gmail users, researchers from Avanan discovered.

How to Address the Ongoing Cybersecurity Talent Shortage

Security Boulevard

Talent shortages continue to pose problems for organizations wanting to strengthen their cybersecurity postures. With new threat actors entering the fray all the time and deploying increasingly sophisticated attack techniques, it’s a struggle to cope with the deluge of threats. Defense-in-depth requires a combination of security tools and skilled personnel — this article offers several….

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things – and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.