Fri.Dec 17, 2021


Weekly Update 274

Troy Hunt

As I start out by saying this week's video, it's very summer here and not a day goes by without multiple pool visits. Next week's video is going to be from somewhere epically amazing out of this world that I've wanted to go to for a long time now so stay tuned for that one as I go mobile again. Somehow, today's video stretched out beyond an hour with what felt like a list of pretty minor discussion points, but plenty of good questions and commentary along the way.


Log4J: What You Need to Know

Adam Levin

The entire technology industry received a sizable lump of coal in their collective stocking earlier this week in the form of two major security vulnerabilities in a widely-used software tool. Here’s a quick breakdown of what it means for internet users. What is Log4J? Log4J is an open-source software tool used to log activity on internet-based services and software.


How password troubles could cost your online business potential sales

Tech Republic Security

One in four online shoppers surveyed by Beyond Identity said they'd abandon a shopping cart of $100 or more if they had to reset their password to check out.


Understanding the Impact of Apache Log4j Vulnerability

Google Security

Posted by James Wetter and Nicky Ringland, Open Source Insights Team More than 35,000 Java packages, amounting to over 8% of the Maven Central repository (the most significant Java package repository), have been impacted by the recently disclosed log4j vulnerabilities (1, 2), with widespread fallout across the software industry. The vulnerabilities allow an attacker to perform remote code execution by exploiting the insecure JNDI lookups feature exposed by the logging library log4j.


IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.


Encrypt your emails from end to end for a lifetime with this software

Tech Republic Security

When only the utmost privacy will do for the messages you exchange by e-mail, you need a service that protects them entirely, but many additional privacy and security features are a big help.


NSO Zero-Click Exploit: Turing-Complete CPU in Image File

Security Boulevard

Researchers have reverse engineered NSO group’s recent zero-click iPhone exploit. And it’s a doozy. The post NSO Zero-Click Exploit: Turing-Complete CPU in Image File appeared first on Security Boulevard.


Securing Kubernetes With XDR

Security Boulevard

Kubernetes is at the forefront of the container orchestration market. A majority of organizations running container workloads manage at least some of them via Kubernetes. However, according to the Red Hat State of Kubernetes Security report, 94% of organizations encountered a serious security incident within their container environment. Of these, 69% of these incidents were.


The Value of Certifications

Javvad Malik

“How does your degree compare to my 10 years practical work experience?”. This was something my very first manager used to say often to me and other fresh-faced graduates. He had a point – we knew nothing about the business, any of the tools, or the job compared to him, or indeed anyone else who had been working more than three days at the bank. But we had come in on the exclusive ‘graduate programme’ touted as the future of the workforce.


Three ways banks can ensure a sustainable future

CyberSecurity Insiders

North American audiences are demanding sustainable corporate initiatives more than ever. Both large financial institutions as well as community banks and credit unions are responding to growing awareness to step up pro-environmental standards from various stakeholders including consumers, employees, investors, competitors, eco-system partners and government entities.


How to Respond to Apache Log4j using Cisco Secure Analytics

Cisco Security

IT and Security professionals worldwide are working to assess and mitigate their exposure to Apache Log4j vulnerability (CVE-2021-44228). The following guide has been put together for current Secure Network Analytics and Secure Cloud Analytics customers, providing suggested ways to leverage your deployment to assist in your detection and response efforts.


Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.


Beware of Spider Man No Way Home movie Cyber Fraud

CyberSecurity Insiders

Spider Man No Way Home was released worldwide on December 16th, 2021 and is on its way to becoming a blockbuster. However, on the negative side, some fraudsters are using the name of the movie and are trying to fox online users by luring them into various cyber frauds. One such fraud that the security researchers of Kaspersky have discovered is the spread of malicious files and phishing attacks via email and mobile SMS.


Cloud Computing: Benefits, Disadvantages & Types of Cloud Computing Services

Security Boulevard

Cloud computing is the delivery of computing resources over the internet. Learn about its benefits and how to better protect your SaaS data. The post Cloud Computing: Benefits, Disadvantages & Types of Cloud Computing Services appeared first on Security Boulevard.


Security firm Blumira discovers major new Log4j attack vector

Zero Day

A basic JavaScript WebSocket connection can trigger a local Log4j remote code attack via a drive-by compromise. Wonderful. Truly wonderful.


Conti ransomware gang exploits Log4Shell bug in its operations

Security Affairs

The Conti ransomware gang is the first ransomware operation exploiting the Log4Shell vulnerability to target VMware vCenter Servers. Conti ransomware gang is the first professional race that leverages Log4Shell exploit to compromise VMware vCenter Server installs. The ransomware group used the exploit to target internal devices that are not protected.


Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?


Cybersecurity: Go from novice to expert with this course bundle

Tech Republic Security

You don't need to go back to school or have any tech background whatsoever. You can switch to a tech career after just one of these self-paced courses.


Has the pandemic increased the burnout rate in the Cybersecurity profession?

CyberSecurity Insiders

This blog was written by an independent guest blogger. In the last 18 months, many people have learned a lot about themselves. The solitude of lockdowns, isolation, remote work, and seemingly endless video meetings have taxed everyone’s mental health. One would think that cybersecurity would have been unaffected by these shifts in working environments and habits.


How to Prevent Customer Support Help Desk Fraud Using VPN and Other Tools

The Hacker News

It's no secret that the internet isn't a very safe place. And it's not hard to understand why. It's a medium that connects billions of people around the world that affords bad actors enough anonymity to wreak havoc without getting caught. It's almost as if the internet's tailor-made to enable scams and fraud. And that's just what it does. Right now, the world's on track to lose $10.


Lenovo Laptops Vulnerable to Privilege Escalation Exploit

Heimadal Security

A privilege elevation flaw impacting the ImControllerService service in Lenovo laptops, including ThinkPad and Yoga models, enables cybercriminals to perform commands with admin rights. According to BleepingComputer, the vulnerabilities are identified as CVE-2021-3922 and CVE-2021-3969 and impact the ImControllerService component of all Lenovo System Interface Foundation versions below 1.1.20.3.


From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.


CISA urges VMware admins to patch critical flaw in Workspace ONE UEM

Bleeping Computer

CISA has asked VMware admins and users today to patch a critical security vulnerability found in the Workspace ONE UEM console that threat actors could abuse to gain access to sensitive information.


BrandPost: Three Advantages of Integrated Security at the LAN Edge

CSO Magazine

The LAN edge presents a broad and potentially vulnerable target for cyber criminals, and many LAN solutions lack built-in security, so they end up being secured with add-on solutions that add cost and complexity. Even solutions that have security often aren't integrated with the LAN edge, which can lead to opportunities for configurations to drift and cybercriminals to slip through the gaps.


Phorpiex Botnet Is Becoming Harder to Disrupt

Heimadal Security

Phorpiex/Trik is an SDBot fork (therefore IRC-based) used to spread GandCrab, Pushdo, Pony, and coin miners. The previously retired Phorpiex botnet has resurfaced with new peer-to-peer command and control architecture, making the virus more difficult to destroy. A botnet is a network of infected computers or other internet-connected devices, that communicate with each other in order […].


Log4Shell – The API Security Challenge

Security Boulevard

Last week’s Log4Shell vulnerability is a dramatic example of how modern applications, interconnected services and pervasive APIs can create substantial security challenges. As a security researcher who has spent years looking at API vulnerabilities, this is an excellent example of how things can go wrong. I recently was in a webinar explaining the details of.


Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.


Monero Miners Injected in Log4j Through RMI

Heimadal Security

These past few days have been about the most important vulnerability discovered lately. The vulnerability, officially tagged as CVE-2021-44228 and called Log4Shell or LogJam, is an unauthenticated RCE vulnerability that allows total system takeover on systems running Log4j 2.0-beta9 through 2.14.1. What Is Happening? As reported by BleepingComputer, in order to increase their chances of success, some […].


Implementing and Managing Your SIEM Securely: A Checklist

eSecurity Planet

Some companies use cloud-based security information and event management (SIEM), and others use SIEM that has been installed in a local data center. These on-premises SIEMs can be run on Windows Servers, Linux Servers, and within virtual machines (VMs) or containers. While the security vulnerabilities for each of these instances will be unique and highly dependent upon setup, you can still verify your security using the same checklist, which we’ll give the acronym VIDA DUCA for the steps


BrandPost: The Fearless CISO: 4 Ways to Secure Everything

CSO Magazine

Cyberattacks in 2021 continued to steadily increase in volume and sophistication. Ransomware continued its ruthless path across industries, often putting lives at risk. Ransomware attacks have also become increasingly simple to carry out with toolkits, such as in the case of the Colonial Pipeline attack that disrupted businesses and daily life for many businesses and individuals.


Netlogon. What It Is and Why It’s Important?

Heimadal Security

Netlogon is a Windows Server procedure allowing users and other domain services to get authenticated. Since it is a service rather than an application, Netlogon permanently runs in the background, and it can be terminated intentionally or as a result of a runtime fault. What Is the NRPC protocol? The Microsoft Windows Netlogon Remote Protocol […].


ERM Program Fundamentals for Success in the Banking Industry

Speaker: William Hord, Senior VP of Risk & Professional Services

Enterprise Risk Management (ERM) is critical for industry growth in today’s fast-paced and ever-changing risk landscape. When building your ERM program foundation, you need to answer questions like: Do we have robust board and management support? Do we understand and articulate our bank’s risk appetite and how that impacts our business units? How are we measuring and rating our risk impact, likelihood, and controls to mitigate our risk?


VMware fixes critical SSRF flaw in Workspace ONE UEM Console

Security Affairs

VMware released security patches for a critical server-side request forgery (SSRF) vulnerability in Workspace ONE UEM console. VMware has addressed a critical server-side request forgery (SSRF) vulnerability, tracked as CVE-2021-22054, in the Workspace ONE UEM console. An attacker with network access to UEM could exploit the vulnerability to access sensitive data in the management console.


How Risky Is the Log4J Vulnerability?

Dark Reading

Security teams around the world are on high alert dealing with the Log4j vulnerability, but how risky is it, really?


New PseudoManuscrypt Malware Infected Over 35,000 Computers in 2021

The Hacker News

Industrial and government organizations, including enterprises in the military-industrial complex and research laboratories, are the targets of a new malware botnet dubbed PseudoManuscrypt that has infected roughly 35,000 Windows computers this year alone.


Protecting Against the Log4j (Log4Shell) Vulnerability – What is it & What Actions Can You Take?

Security Boulevard

On December 9th, 2021, reports surfaced about a new zero-day vulnerability, termed Log4j (Log4Shell), impacting Minecraft servers. Now, almost one week later, it is clear that countless millions of devices are at risk, and Log4j may rank among the worst vulnerabilities yet seen. Since we became aware of Log4j late last week, Morphisec has investigated this emerging threat.


Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

So, you’ve accomplished an organization-wide SaaS adoption. It started slow, and now just a few team members might be responsible for running Salesforce, Slack, and a few others applications that boost productivity, but it’s all finished. Or is it? Through all the benefits offered by SaaS applications, it’s still a necessity to onboard providers as quickly as possible.