Thu. May 26, 2022


Malware-Infested Smart Card Reader

Schneier on Security

Brian Krebs has an interesting story of a smart ID card reader with a malware-infested Windows driver, and US government employees who inadvertently buy and use them. But by all accounts, the potential attack surface here is enormous, as many federal employees clearly will purchase these readers from a myriad of online vendors when the need arises. Saicoo’s product listings, for example, are replete with comments from customers who self-state that they work at a federal agency (and several


Old Python package comes back to life and delivers malicious payload

Tech Republic Security

A recently spotted supply chain attack abused an old but legitimate Python package to deliver a malicious payload. Read more on how the attacker managed to do it and how to protect yourself from it. The post Old Python package comes back to life and delivers malicious payload appeared first on TechRepublic.


New Linux-based ransomware targets VMware servers

CSO Magazine

Researchers at Trend Micro have discovered some new Linux-based ransomware that's being used to attack VMware ESXi servers, a bare-metal hypervisor for creating and running several virtual machines (VMs) that share the same hard drive storage. Called Cheerscrypt, the bad app is following in the footsteps of other ransomware programs—such as LockBit, Hive and RansomEXX—that have found ESXi an efficient way to infect many computers at once with malicious payloads.


Microsoft Defender vs Trellix: EDR software comparison

Tech Republic Security

Looking to secure your network? Microsoft Defender and Trellix are two of the most popular endpoint detection and response software options. Compare the features of these EDR tools. The post Microsoft Defender vs Trellix: EDR software comparison appeared first on TechRepublic.


The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.


Act Now: Leveraging PCI Compliance to Improve Security

Dark Reading

Let the threat landscape guide your company's timeline for complying with new data security standards for credit cards. Use the phase-in time to improve security overall — security as a process — not just comply with new standards.


Enjoy greater online freedom with Atlas VPN

Tech Republic Security

Protect yourself online with this two-year subscription to the Atlas virtual private network. The post Enjoy greater online freedom with Atlas VPN appeared first on TechRepublic.


More Trending


NordLayer makes it easy for businesses to add VPN technology to remote workers

Tech Republic Security

Your enterprise needs a VPN. Consider NordLayer as your solution. The post NordLayer makes it easy for businesses to add VPN technology to remote workers appeared first on TechRepublic.


If you get an email saying “Item stopped due to unpaid customs fee”, it’s a fake

Malwarebytes

Our spam traps recently caught a phishing scam that neatly illustrates some of the tactics scammers use routinely to avoid both human intuition, and automatic detection. The scam starts with an unsolicited email, of course… The scam email is ostensibly from the Post Office, an instantly recognisable postal service brand in the UK, and it tells recipients “There is a update in your parcel. item stopped due to unpaid customs fee.” [sic] This is an echo of an extremely popular SMS


Exploit released for critical VMware auth bypass bug, patch now

Bleeping Computer

Proof-of-concept exploit code is now available online for a critical authentication bypass vulnerability in multiple VMware products that allows attackers to gain admin privileges. […]


Italy announced its National Cybersecurity Strategy 2022/26

Security Affairs

Italy announced its National Cybersecurity Strategy for 2022/26, a crucial document to address cyber threats and increase the resilience of the country. Italy presented its National Cybersecurity Strategy for 2022/26 and reinforced the government’s commitment to addressing cyber threats and increasing the resilience of the country to cyber attacks.


IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.


Remote bricking of Ukrainian tractors raises agriculture security concerns

CSO Magazine

Against the backdrop of horrific reports from Russia's Ukraine invasion, an encouraging story emerged earlier this month when unidentified Ukrainians remotely disabled tractors worth $5 million that Russian soldiers in the occupied city of Melitopol stole from Agrotek-Invest, an authorized John Deere dealer. The soldiers stole 27 pieces of farm machinery and shipped them primarily to Chechnya, 700 miles away, only to discover they had been rendered inoperable due to a "kill switch.


Retrofitting Temporal Memory Safety on C++

Google Security

Posted by Anton Bikineev, Michael Lippautz and Hannes Payer, Chrome security team. Memory safety in Chrome is an ever-ongoing effort to protect our users. We are constantly experimenting with different technologies to stay ahead of malicious actors. In this spirit, this post is about our journey of using heap scanning technologies to improve memory safety of C++.


Experts released PoC exploit code for critical VMware CVE-2022-22972 flaw

Security Affairs

Security researchers released PoC exploit code for the critical authentication bypass vulnerability CVE-2022-22972 affecting multiple VMware products. Horizon3 security researchers have released a proof-of-concept (PoC) exploit and technical analysis for the critical authentication bypass vulnerability CVE-2022-22972 affecting multiple VMware products.


Windows 11 KB5014019 breaks Trend Micro ransomware protection

Bleeping Computer

This week's Windows optional cumulative update previews have introduced a compatibility issue with some of Trend Micro's security products that breaks some of their capabilities, including the ransomware protection feature. […]


Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.


ChromeLoader targets Chrome Browser users with malicious ISO files

Malwarebytes

If you’re on the hunt for cracked software or games, be warned. Rogue ISO archive files are looking to infect your systems with ChromeLoader. If you think campaigns such as this only target Windows users, you’d sadly be very much mistaken. The attack sucks in several operating systems and even uses mobiles as bait to draw in additional victims. Of PowerShells and ISOs.


10 Strategies to Stop Ransomware Attacks

Security Boulevard

A ransomware attack can hold your organization’s data hostage. Attackers demand payment to release the information. Here are some ways to stop ransomware attacks. 1. Teach User Awareness: A key line of defense against ransomware attacks is the users of the computer systems within your organization. You want to make sure your staff is adequately […]. The post 10 Strategies to Stop Ransomware Attacks appeared first on TechSpective.


Twitter to pay $150m penalty for user data protection failure

CyberSecurity Insiders

Social media giant Twitter has been asked to pay a penalty of $150 million by the Federal Trade Commission for failing to protect its user data over a 6-year span. The financial implication will be redeemed by the FTC and the Justice Department on a joint note. According to the order, Twitter, which is soon going into the hands of Tesla Chief Elon Musk, failed to protect its user info between 2013 and 2019 and was giving false security that it has all measures in place to protect the information that i


Digital Driver’s License Fails Spectacularly — ‘Laughably Easy’ to Forge

Security Boulevard

Is your state implementing a digital driver’s license? You’d better hope it does better than the Australian state of New South Wales. The post Digital Driver’s License Fails Spectacularly — ‘Laughably Easy’ to Forge appeared first on Security Boulevard.


Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.


Exposed: the threat actors who are poisoning Facebook

Security Affairs

An investigation of the infamous “Is That You?” video scam led Cybernews researchers into exposing threat actors who are poisoning Facebook. An investigation of the infamous “Is That You?” video scam has led Cybernews researchers to a cybercriminal stronghold, from which threat actors have been infecting the social media giant with thousands of malicious links every day.


ESET Research Podcast: UEFI in crosshairs of ESPecter bootkit

We Live Security

Listen to Aryeh Goretsky, Martin Smolár, and Jean-Ian Boutin discuss what UEFI threats are capable of and what the ESPecter bootkit tells us about their evolution. The post ESET Research Podcast: UEFI in crosshairs of ESPecter bootkit appeared first on WeLiveSecurity.


Zyxel addresses four flaws affecting APs, AP controllers, and firewalls

Security Affairs

Zyxel addressed multiple vulnerabilities impacting many of its products, including APs, AP controllers, and firewalls. Zyxel has released security updates to address multiple vulnerabilities affecting multiple products, including firewall, AP, and AP controller products. Below is the list of the four vulnerabilities; the most severe one is a command injection flaw in some CLI commands tracked as CVE-2022-26532 (CVSS v3.1 7.8): CVE-2022-0734: A cross-site scripting vulnerability was identified i


7 top privileged access management tools

CSO Magazine

One of the main objectives of the bad guys is to escalate to privileged account access wherever possible. The more unfettered access they can gain to administrative, superuser and infrastructure accounts, the freer rein they have to tap into sensitive data stores, tamper with critical systems, quietly gain carte blanche to do whatever they’d care to with a victim organization’s IT infrastructure and to do it all without being detected.


5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.


Industrial Spy data extortion market gets into the ransomware game

Bleeping Computer

The Industrial Spy data extortion marketplace has now launched its own ransomware operation, where they now also encrypt victims' devices. […]


Experts warn of a new malvertising campaign spreading the ChromeLoader

Security Affairs

Researchers warn of a new malvertising campaign spreading the ChromeLoader malware that hijacks the victims’ browsers. Researchers from Red Canary observed a new malvertising campaign spreading the ChromeLoader malware that hijacks the victims’ browsers. ChromeLoader is a malicious Chrome browser extension; it is classified as a pervasive browser hijacker that modifies browser settings to redirect user traffic.


Intuit warns of QuickBooks phishing threatening to suspend accounts

Bleeping Computer

Tax software vendor Intuit has warned that QuickBooks customers are being targeted in an ongoing series of phishing attacks impersonating the company and trying to lure them with fake account suspension warnings. […]


VMware, Airline Targeted as Ransomware Chaos Reigns

Dark Reading

Global ransomware incidents target everything from enterprise servers to grounding an airline, with one India-based group even taking a Robin Hood approach to extortion with the "GoodWill" strain.


Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?


Microsoft shares mitigation for Windows KrbRelayUp LPE attacks

Bleeping Computer

Microsoft has shared guidance to help admins defend their Windows enterprise environments against KrbRelayUp attacks that enable attackers to gain SYSTEM privileges on Windows systems with default configurations. […]


A New Ransomware Variant Dubbed ‘Cheers’ Was Discovered

Heimdal Security

VMware ESXi is a hypervisor created by VMware that is of the enterprise-class and type-1 varieties. It is used for installing and servicing virtual machines. ESXi is a type-1 hypervisor, which means that it is not a software program that is put on an operating system; rather, it incorporates and integrates essential OS components, such […]. The post A New Ransomware Variant Dubbed ‘Cheers’ Was Discovered appeared first on Heimdal Security Blog.


Zyxel warns of flaws impacting firewalls, APs, and controllers

Bleeping Computer

Zyxel has published a security advisory to warn admins about multiple vulnerabilities affecting a wide range of firewall, AP, and AP controller products. […]


Cybersecurity Compliance and Regulations in South Africa: What Businesses Need to Know

Appknox

With the Internet's widespread growth, South Africa has become quite dependent on it for economic affairs. This sharing of self-generated data is a boon to all business transactions and even social interactions.


From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things – and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.