Fri. Nov 20, 2020

Symantec Reports on Cicada APT Attacks against Japan

Schneier on Security

Symantec is reporting on an APT group linked to China, named Cicada. They have been attacking organizations in Japan and elsewhere. Cicada has historically been known to target Japan-linked organizations, and has also targeted MSPs in the past. The group is using living-off-the-land tools as well as custom malware in this attack campaign, including a custom malware — Backdoor.Hartip — that Symantec has not seen being used by the group before.

Convicted SIM Swapper Gets 3 Years in Jail

Krebs on Security

A 21-year-old Irishman who pleaded guilty to charges of helping to steal millions of dollars in cryptocurrencies from victims has been sentenced to just under three years in prison. The defendant is part of an alleged conspiracy involving at least eight others in the United States who stand accused of theft via SIM swapping, a crime that involves convincing mobile phone company employees to transfer ownership of the target’s phone number to a device the attackers control.

Quantum computing: A cheat sheet

Tech Republic Security

IBM, Honeywell, and Intel are just three companies leading the way in building quantum machines as well as the algorithms and controls to run them. Learn about possible business use cases for quantum.

October Mumbai power outage may have been caused by a cyber attack

Security Affairs

Authorities in India believe that a major power outage that occurred in October in Mumbai may have been caused by hackers. On October 13, a major power outage occurred in the metropolitan area of Mumbai causing the partial disruption of the traffic management systems and the paralysis of the rail traffic and also impacted work at the stock exchange.

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Study finds 31% of third-party vendors could cause significant damage to organizations if breached

Tech Republic Security

Risk professionals relying on questionnaire-based assessments could be in for a rude awakening, according to Mastercard's RiskRecon and the Cyentia Institute.

QakBot Big Game Hunting continues: the operators drop ProLock ransomware for Egregor

Security Affairs

The QakBot banking trojan operators have dropped the ProLock ransomware; they are now opting for the Egregor ransomware in their operations. Group-IB, a global threat hunting and intelligence company headquartered in Singapore, has discovered that QakBot (aka Qbot) operators have abandoned ProLock for Egregor ransomware. Egregor has been actively distributed since September 2020 and has so far hit at least 69 big companies in 16 countries.

More Trending

Anton’s Security Blog Quarterly Q3.5 2020

Anton on Security

Sometimes great old blog posts are hard to find (especially on Medium), so I decided to do a periodic (who am I kidding, occasional — not periodic) list blog with my favorite posts of the past quarter or so. Here is my first. The posts below are ranked by lifetime views and topic. It covers both Anton on Security and my posts from Google Cloud blog.

Mitsubishi Electric Corp. was hit by a new cyberattack

Security Affairs

Mitsubishi Electric Corp. was hit by a new cyber attack that may have caused the leakage of information related to its business partners. Mitsubishi Electric Corp. was hit again by a massive cyberattack that may have caused the leakage of information related to its business partners. “Company officials on Nov. 20 said they were checking the 8,653 accounts of those it has business transactions with to determine if information related to bank accounts of the other parties as well as other in

Facebook Messenger Bug Allows Spying on Android Users

Threatpost

The company patched a vulnerability that could connect video and audio calls without the knowledge of the person receiving them.

A flaw in Facebook Messenger could have allowed spying on users

Security Affairs

Facebook has addressed a security vulnerability in its Messenger for Android app that could have allowed attackers to spy on users. Facebook has addressed a major security issue in its Messenger for Android app that could have allowed threat actors to spy on users by placing and connecting Messenger audio calls without their interaction. The vulnerability was discovered by white-hat hacker Natalie Silvanovich, from Google’s Project Zero team.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

SAFECode and PCI SSC Discuss the Evolution of Secure Software

PCI perspectives

When the PCI Security Standards Council (PCI SSC) developed its Software Security Framework (SSF) a few years ago, it relied on the expertise of a Software Security Task Force. As part of this task force, SAFECode, along with other industry partners, played an instrumental role in the development of the framework and its standards.

VMware addresses flaws exploited at recent Tianfu Cup

Security Affairs

VMware has addressed two serious ESXi vulnerabilities that were demonstrated at the Tianfu Cup International PWN Contest. VMware has released patches for two serious ESXi vulnerabilities that were disclosed during the 2020 Tianfu Cup International PWN Contest. The Tianfu Cup is the most important hacking contest held in China; the total bonus of the contest this year was up to 1 million US dollars.

Security Pros Push for More Pervasive Threat Modeling

Dark Reading

With the release of the "Threat Modeling Manifesto," a group of 16 security professionals hope to prompt more companies to consider the threats to software.

Good Heavens! 10M Impacted in Pray.com Data Exposure

Threatpost

The information exposed in a public cloud bucket included PII, church-donation information, photos and users' contact lists.

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

How Cyberattacks Work

Dark Reading

Cyberattacks are run like military attacks, in four main phases: reconnaissance, attack, exfiltration, and maintaining position. Understanding this makes fighting back easier.

Worst Passwords of 2020 List

SecureWorld News

There has probably been a time in your life when you created a new account for a website or service and chose a password that was less than ideal. You are not alone—clearly. NordPass, a password manager company, recently released its list of the worst passwords of 2020. The list goes into detail and shows how many times a password was used, exposed in a data breach, and how long it would take to guess the password in a brute force attack, where automated attempts to login are underway.

VMware Fixes Critical Flaw in ESXi Hypervisor

Threatpost

The critical and important-severity flaws were found by a team at the China-based Tianfu Cup hacking challenge.

How Industrial IoT Security Can Catch Up With OT/IT Convergence

Dark Reading

Ransomware can easily make a connection between IT and OT already. How can blue teams do the same?

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

New Grelos Skimmer Variants Siphon Credit Card Data

Threatpost

Domains related to the new variant of the Grelos web skimmer have compromised dozens of websites so far.

Facebook Messenger Flaw Enabled Spying on Android Callees

Dark Reading

A critical flaw in Facebook Messenger on Android would let someone start an audio or video call without the victim's knowledge.

Google Services Weaponized to Bypass Security in Phishing, BEC Campaigns

Threatpost

Attackers exploiting an array of Google Services, including Forms, Firebase, Docs and more to boost phishing and BEC campaigns.

TV Maker TCL Denies Back Door, Promises Better Process

The Security Ledger

Chinese electronics giant TCL has acknowledged security holes in some models of its smart television sets, but denies that it maintains a secret "back door" that gives it control over deployed TVs.

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

Ecommerce Security Tips For The Pandemic Holiday

SiteLock

Holiday ecommerce shopping is on the rise this year. Here are some security tips from SiteLock to help ensure everyone has a safe holiday shopping experience.

Cybersecurity News Round-Up: Week of November 16, 2020

GlobalSign

IoT security for the US government took a big step with the US Senate unanimously passing the Internet of Things Cybersecurity Improvement Act of 2020.

5 Tips For Optimizing Your WordPress Security Plugins

SiteLock

SiteLock gives you 5 tips for WordPress security plugins that will help keep your site secure. Contact us today to learn more about WordPress security today.

California Agency Exposed Up to 38 Million SSNs

Adam Levin

California’s Employment Development Department (EDD) has sent out communications that contain the Social Security numbers of at least 38 million state residents since the beginning of the Covid-19 pandemic, according to a recent audit. The EDD’s practice of mailing documents that include the full Social Security numbers of their intended recipients greatly elevates the risk of identity theft, according to California State Auditor Elaine Howle, who urged a halt to the practice in 2019.

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Friday Squid Blogging: Ram’s Horn Squid Video

Schneier on Security

This is the first video footage of a ram’s horn squid (Spirula spirula). As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.
