Fri. Oct 22, 2021

Nation-State Attacker of Telecommunications Networks

Schneier on Security

Someone has been hacking telecommunications networks around the world: LightBasin (aka UNC1945) is an activity cluster that has been consistently targeting the telecommunications sector at a global scale since at least 2016, leveraging custom tools and an in-depth knowledge of telecommunications network architectures. Recent findings highlight this cluster’s extensive knowledge of telecommunications protocols, including the emulation of these protocols to facilitate command and control (C2

What to do if your small business is a victim of a cyberattack

Tech Republic Security

Immersed in the throes of a cyberattack is not the time to figure out how to respond. An expert offers suggestions on how to create a company-specific incident-response plan.

A bug is about to confuse a lot of computers by turning back time 20 years

Malwarebytes

For those of you that remember the fuss about the Y2K bug, this story may sound familiar. The Cybersecurity & Infrastructure Security Agency (CISA) has issued a warning to Critical Infrastructure (CI) owners and operators, and other users who get the time from GPS, about a GPS Daemon (GPSD) bug in GPSD versions 3.20 through 3.22. Y2K. If you don’t remember the Y2K bug, let me remind you quickly.

Train to qualify for elite positions in the high-demand field of cybersecurity

Tech Republic Security

You don't have to go back to school or blow your budget to train for a career in cybersecurity, which is in high demand right now.

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

SCUF Gaming store hacked to steal credit card info of 32,000 customers

Bleeping Computer

SCUF Gaming International, a leading manufacturer of custom PC and console controllers, is notifying customers that its website was hacked in February to plant a malicious script used to steal their credit card information.

What is Telecom LightBasin Cyber Attack

CyberSecurity Insiders

CrowdStrike security researchers have discovered that a hacking group dubbed LightBasin aka UNC1945 has been hiding in the networks of renowned telecom networks for the past 5 years, monitoring all their business operations and sending censorious data to remote servers. Revealing the same in a blog post published on Tuesday, the California-based endpoint security provider revealed that the said gang of cyber criminals could have easily targeted over 13 telecom networks so far and the count migh

More Trending

Why Not Hold Ransomware Attackers Hostage for a Change?

Security Boulevard

Right now, companies are, for the most part, sitting ducks when it comes to ransomware. Sure, they can do things to harden their security; mitigate the problems of phishing and malware, back up their data for ultimate recovery and enhance their incident response program. There are also some things they can do to make their.

DarkSide ransomware rushes to cash out $7 million in Bitcoin

Bleeping Computer

Almost $7 million worth of Bitcoin in a wallet controlled by DarkSide ransomware operators has been moved in what looks like a money laundering rollercoaster.

How IT pros can set boundaries and protocols

Tech Republic Security

From managing backups and Linux distributions to troubleshooting hard drive failure and protecting company data, it's easy to see why IT pros are overwhelmed and overworked.

What’s lurking in the shadows? How to manage the security risks of shadow IT

We Live Security

Employee use of unsanctioned hardware and software is an increasingly acute problem in the remote and hybrid work era.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Threat Actors Abuse Discord to Push Malware

Threatpost

The platform’s Content Delivery Network and core features are being used to send malicious files—including RATs—across its network of 150 million users, putting corporate workplaces at risk.

CISA: GPS software bug may cause unexpected behavior this Sunday

Bleeping Computer

The Cybersecurity and Infrastructure Security Agency (CISA) warned that GPS devices might experience issues over the weekend because of a timing bug impacting Network Time Protocol (NTP) servers running the GPS Daemon (GPSD) software.

Popular NPM Package Hijacked to Publish Crypto-mining Malware

The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency on Friday warned of crypto-mining malware embedded in "UAParser.js," a popular JavaScript NPM library with over 6 million weekly downloads, days after the NPM repository moved to remove three rogue packages that were found to mimic the same library.

Cyber Security and need of a progressive security solution

CyberSecurity Insiders

For many good reasons, cyber-security is a primary concern for businesses. Malicious cyberattacks may devastate your infrastructure in a variety of ways. Everything from smartphones to servers and data may be jeopardized. Your company’s network links devices and nodes so they may interact with one another. Networks allow devices to communicate data and information, which is critical for the running of a business.

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

REvil Servers Shoved Offline by Governments – But They’ll Be Back, Researchers Say

Threatpost

A multi-country effort has given ransomware gang REvil a taste of its own medicine by pwning its backups and pushing its leak site and Tor payment site offline.

7 Ways to Lock Down Enterprise Printers

Dark Reading

Following the PrintNightmare case, printer security has become a hot issue for security teams. Here are seven ways to keep printers secure on enterprise networks.

What Is Conti Ransomware?

Heimdal Security

Conti ransomware is an extremely damaging malicious actor due to the speed with which it encrypts data and spreads to other systems. The cyber-crime action is thought to be led by a Russia-based group that goes under the Wizard Spider pseudonym. Conti Ransomware Modus Operandi: The group is using phishing attacks in order to install the […].

What Squid Game Teaches Us About Cybersecurity

Dark Reading

When life inside the security operations center feels treacherous, here are some suggestions for getting out alive.

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Resilience lies with security: Securing remote access for your business

Webroot

Remote access has helped us become more interconnected than ever before. In the United States alone, two months into the pandemic, approximately 35% of the workforce was teleworking. The growth of remote access allowed individuals to work with organizations and teams they don’t physically see or meet. However, the demand for remote access has critical implications for security.

BrandPost: CIS CSAT Pro v1.7: CIS Controls v8 Assessment and More

CSO Magazine

The CIS Controls Self Assessment Tool (CIS CSAT) allows organizations to perform assessments on their implementation of the CIS Critical Security Controls (CIS Controls). You can track progress over time and identify areas for improvement. CIS CSAT Pro is the on-premises version of CSAT, and is available to CIS SecureSuite Members. This blog walks you through some of the new features that were added in the last three releases: v1.5, v1.6, and v1.7.

Groove ransomware group calls on other ransomware gangs to hit US public sector

Security Affairs

Groove ransomware operators call on other ransomware groups to stop competing and join the forces to fight against the US. The Groove ransomware gang is calling on other ransomware groups to attack US public sector after an operation of law enforcement shut down the infrastructure of the REvil gang. “The ransomware group REvil was itself hacked and forced offline this week by a multi-country operation, according to three private sector cyber experts working with the United States and one fo

Hackers Set Up Fake Company to Get IT Experts to Launch Ransomware Attacks

The Hacker News

The financially motivated FIN7 cybercrime gang has masqueraded as yet another fictitious cybersecurity company called "Bastion Secure" to recruit unwitting software engineers under the guise of penetration testing in a likely lead-up to a ransomware scheme.

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

All You Need to Know About DNS Spoofing to Keep Your Organization Safe

Heimdal Security

The DNS in and of itself has never been secure. Being created in the 1980s when the Internet was a complete novelty, protection had not been a priority in its design. Throughout time, this has led malicious actors to take advantage of this issue and develop elaborate attack techniques that leverage the DNS, such as […].

Friday Five 10/22

Digital Guardian

A GPS software bug, helping nonprofits defend against nation state attacks, and the DOJ wants more incident reporting - catch up on the infosec news of the week with the Friday Five!

The Week in Ransomware - October 22nd 2021 - Striking back

Bleeping Computer

Between law enforcement operations, REvil's second shut down, and ransomware gangs' response to the hacking of their servers, it has been quite the week.

'Lone Wolf' Hacker Group Targeting Afghanistan and India with Commodity RATs

The Hacker News

A new malware campaign targeting Afghanistan and India is exploiting a now-patched, 20-year-old flaw affecting Microsoft Office to deploy an array of commodity remote access trojans (RATs) that allow the adversary to gain complete control over the compromised endpoints.

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Recorded Future Identity Intelligence prevents identity fraud and disrupts attackers – learn more now

Graham Cluley

Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support! Strong identity authentication is more important than ever as organizations face an unprecedented level of attacks targeting their ever-changing ecosystem of employees, partners, and customers. An intelligence-driven approach to identity protection disrupts … Continue reading "Recorded Future Identity Intelligence prevents identity fraud and disrupts attacke

Researchers Discover Microsoft-Signed FiveSys Rootkit in the Wild

The Hacker News

A newly identified rootkit has been found with a valid digital signature issued by Microsoft that's used to proxy traffic to internet addresses of interest to the attackers for over a year targeting online gamers in China.

FiveSys, a new digitally-signed rootkit spotted by Bitdefender experts

Security Affairs

Bitdefender researchers discovered a new rootkit named FiveSys that abuses a Microsoft-issued digital signature to evade detection. FiveSys is a new rootkit discovered by researchers from Bitdefender; it is able to evade detection by abusing a Microsoft-issued digital signature. Driver packages that pass Windows Hardware Lab Kit (HLK) testing can be digitally signed by Microsoft WHQL (Windows Hardware Quality Labs).

We dig into the Game Players Code

Malwarebytes

Gaming security is getting a lot of attention at the moment. Rightly so; it’s a huge target for scammers and malware authors. Malicious ads, fake games, survey scams, phishing attacks…whatever you can think of, it’s in use. Some target kids and steal their accounts, selling them on. Others go after parents, who have their payment details tied to various platforms and consoles.

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things – and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.