Wed. Jan 06, 2021

Backdoor in Zyxel Firewalls and Gateways

Schneier on Security

This is bad: More than 100,000 Zyxel firewalls, VPN gateways, and access point controllers contain a hardcoded admin-level backdoor account that can grant attackers root access to devices via either the SSH interface or the web administration panel. […]. Installing patches removes the backdoor account, which, according to Eye Control researchers, uses the “zyfwp” username and the “PrOw!

Firewall 298

How to customize your sudo password prompt

Tech Republic Security

If you're looking for a way to easily warn your admins to use caution when working with sudo, Jack Wallen has a sure-fire method.

Passwords 202

US Government: Russia “Likely” Behind SolarWinds Breach

Adam Levin

The Cyber Unified Coordination Group (UCG), a task force composed of U.S. cybersecurity, intelligence, and law enforcement agencies, announced earlier this week that Russia was “likely” responsible for the 2020 SolarWinds data breach. In a joint statement, the Cybersecurity and Infrastructure Security Agency (CISA), Office of the Director of National Intelligence (ODNI), NSA, and FBI announced that “an Advanced Persistent Threat (APT) actor, likely Russian in origin, is responsible for most or

US government fingers Russia for SolarWinds-based cyberattack

Tech Republic Security

A joint statement from the FBI, NSA, and other federal agencies says the cyber incident was likely Russian in origin.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

How You Can Start Learning Malware Analysis

Lenny Zeltser

Malware analysis sits at the intersection of incident response, forensics, system and network administration, security monitoring, and software engineering. You can get into this field by building upon your existing skills in any of these disciplines. As someone who’s helped thousands of security professionals learn how to analyze malware at SANS Institute, I have a few tips for how you can get started.

Malware 145

Friction Affliction: How to Balance Security With User Experience

Dark Reading

There's a fine line between protecting against suspicious, malicious, or unwanted activity and making users jump through hoops to prove themselves.

142

More Trending

New TCP/IP Vulnerabilities Expose IoT, OT Systems

eSecurity Planet

Forescout Research Labs last month released a 14-page white paper and a 47-page research report detailing 33 vulnerabilities affecting millions of Internet of Things (IoT), Operational Technology (OT), and IT devices. Dubbed AMNESIA:33, these newly identified vulnerabilities include four broadly used TCP/IP stacks and have left more than 150 vendors potentially compromised.

IoT 115

Customizing your sudo password prompt

Tech Republic Security

If you're looking for a way to easily warn your admins to use caution when working with sudo, Jack Wallen has a sure-fire method.

Passwords 124

WhatsApp will share your data with Facebook and its companies

Security Affairs

WhatsApp is notifying users that starting February 8, 2021, they will be obliged to share their data with Facebook, leaving them no choice. This is bad news for WhatsApp users and their privacy, the company is notifying them that starting February 8, 2021, they will be requested to share their data with Facebook companies. Curiously the announcement comes a few days after the company has updated its Privacy Policy and Terms of Service. “Respect for your privacy is coded into our DNA,

Activists Publish a Vast Trove of Ransomware Victims' Data

WIRED Threat Level

WikiLeaks successor DDoSecrets has amassed a controversial new collection of corporate secrets and is sharing them in the name of transparency.

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Cybercriminals Ramp Up Exploits Against Serious Zyxel Flaw

Threatpost

More than 100,000 Zyxel networking products could be vulnerable to a hardcoded credential vulnerability (CVE-2020-29583) potentially allowing cybercriminal device takeover.

Firewall 113

Recently disclosed CVE-2020-29583 Zyxel flaw already under opportunistic attack

Security Affairs

Threat actors are attempting to hack Zyxel devices exploiting the recently disclosed vulnerability CVE-2020-29583, security researchers warn. The Taiwanese vendor Zyxel has recently addressed a critical vulnerability in its firmware, tracked as CVE-2020-29583, related to the presence of a hardcoded undocumented secret account. The vulnerability received a CVSS score of 7.8, it could be exploited by an attacker to login with administrative privileges and take over the networking devices.

Firmware 110

Request for Comments: SPoC Unsupported Operating Systems Annex

PCI perspectives

From 6 January 2021 to 4 February 2021, PCI SSC stakeholders can participate in a Request for Comments (RFC) on the new SPoC Unsupported Operating Systems Annex draft.

Mobile 98

NSA Urges SysAdmins to Replace Obsolete TLS Protocols

Threatpost

The NSA released new guidance providing system administrators with the tools to update outdated TLS protocols.

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Google fixed a critical Remote Code Execution flaw in Android

Security Affairs

Google released an Android security update that addressed tens of flaws, including a critical Android remote code execution vulnerability. Google released an Android security update that addresses 43 flaws, including a critical remote code execution vulnerability in the Android System component tracked as CVE-2021-0316. Google addressed the flaws with the release of Security patch levels of 2021-01-05 or later. “The most severe of these issues is a critical security vulnerability in the Sy

Media 94

Nissan Source Code Leaked via Misconfigured Git Server

Dark Reading

Leaked information includes source code of Nissan mobile apps, diagnostics tool, and market research tools and data, among other assets.

Mobile 110

Feds Issue Recommendations for Maritime Cybersecurity

Threatpost

Report outlines deep cybersecurity challenges for the public/private seagoing sector.

Healthcare Organizations Bear the Brunt of Cyberattacks Amid Pandemic

Dark Reading

In the past two months alone, attacks against the sector soared 45% - more than double the rate of other sectors, Check Point says.

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.

Top 5 Tips for Securing Your Dev & Test Environments, and Why You Should

SecurityTrails

Find the most popular tips to secure your test and dev environments, and the best tools to discover development hosts.

98

Ticketmaster Pays Up for Hacking a Rival Company

WIRED Threat Level

Employees admitted to using stolen passwords and URL guessing to access confidential data.

Hacking 103

SolarWinds Sued Following Data Breach

SecureWorld News

When an organization suffers a data breach, there are almost certainly two things that will follow. The first is incident response to properly manage the situation. And the second is a lawsuit from angered customers or investors who had their information stolen or lost some money. This is exactly the kind of situation that is currently playing out with SolarWinds after the company's data breach.

DoJ's Microsoft 365 Email Accounts Compromised in SolarWinds Attacks

Dark Reading

Three percent of email accounts were breached, the Department of Justice reports.

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.

How to Delete Malware From Your Website: A Guide to Defending Your Digital Presence

SiteLock

According to recent data, a whopping 17.6 million of the world’s websites are infected with malware. You may be wondering: How can you tell if you have malware? And once your site is infected, how can malware be removed? Here, we’ll answer both questions—showing you how to delete malware from your site and defend your […].

Malware 63

6 Open Source Tools for Your Security Team

Dark Reading

Open source tools can be great additions to your cloud security arsenal. Here are a half-dozen to get you started.

115

Feds Add Context to Solar Winds Breach

SecureWorld News

More aftermath updates now as a result of the SolarWinds cyberattack. The FBI, CISA, ODNI, and NSA joined together to create a new task force, the Cyber Unified Coordination Group (UCG). This group formed to coordinate an investigation into the SolarWinds breach. It also offered new context this week on the extent of the breach, the nation-state evidence, and a possible motive.

How to Protect Your Organization's Digital Footprint

Dark Reading

As the digital risk landscape evolves and grows, organizations must stay vigilant against online threats.

Risk 110

ERM Program Fundamentals for Success in the Banking Industry

Speaker: William Hord, Senior VP of Risk & Professional Services

Enterprise Risk Management (ERM) is critical for industry growth in today’s fast-paced and ever-changing risk landscape. When building your ERM program foundation, you need to answer questions like: Do we have robust board and management support? Do we understand and articulate our bank’s risk appetite and how that impacts our business units? How are we measuring and rating our risk impact, likelihood, and controls to mitigate our risk?

3 AppSec Predictions For 2021

ForAllSecure

As we look into the new year, we see three trends emerging for application security. DevOps/DevSecOps drive fuzzing mainstream. The 2020 Standard C++ Foundation annual survey showed that 37% of developers are now using fuzzing in concert with continuous deployment. We expect fuzzing to continue to grow and become standard in DevOps/DevSecOps pipelines.

Looking back at 2020: A Year in Review

Digital Shadows

2020 is truly an extraordinary year (and some aspects worse than others). This year was also made up of some.

Farewell Flash, Forevermore

Duo's Security Blog

Dear Flash, You helped us get our coding legs with Dreamweaver on sites like MySpace and the early web, but you were easily overtaken and hackable. The security and performance holes in your programming famously had Steve Jobs ban you from hardware running the iOS operating systems in his open letter “Thoughts on Flash” in 2010. By 2017, your end of life (EOL) fate was cemented when Adobe, Apple, Google, Microsoft, Mozilla and Facebook agreed to phase your content and technology out of their pro

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

So, you’ve accomplished an organization-wide SaaS adoption. It started slow, and now just a few team members might be responsible for running Salesforce, Slack, and a few other applications that boost productivity, but it’s all finished. Or is it? Through all the benefits offered by SaaS applications, it’s still a necessity to onboard providers as quickly as possible.