Fri. Jan 21, 2022

China’s Olympics App Is Horribly Insecure

Schneier on Security

China is mandating that athletes download and use a health and travel app when they attend the Winter Olympics next month. Citizen Lab examined the app and found it riddled with security holes. Key Findings: MY2022, an app mandated for use by all attendees of the 2022 Olympic Games in Beijing, has a simple but devastating flaw where encryption protecting users’ voice audio and file transfers can be trivially sidestepped.

Crime Shop Sells Hacked Logins to Other Crime Shops

Krebs on Security

Up for the “Most Meta Cybercrime Offering” award this year is Accountz Club, a new cybercrime store that sells access to purloined accounts at services built for cybercriminals, including shops peddling stolen payment cards and identities, spamming tools, email and phone bombing services, and those selling authentication cookies for a slew of popular websites.

Hacking 273
Insiders

Weekly Update 279

Troy Hunt

It's mostly breaches this week and that's mostly business as usual, except for one. I didn't know whether I should speak about the one that frankly, upset me, but I felt it would be somewhat disingenuous not to. I couldn't on the one hand build out this "brand", for want of a better term, of transparency and then just shelve a breach and not talk about it because it's too uncomfortable.

Retail 248

China’s Olympics App Is Horribly Insecure

Security Boulevard

China is mandating that athletes download and use a health and travel app when they attend the Winter Olympics next month. Citizen Lab examined the app and found it riddled with security holes. Key Findings: MY2022, an app mandated for use by all attendees of the 2022 Olympic Games in Beijing, has a simple but devastating flaw where encryption protecting users’ voice audio and file transfers can be trivially sidestepped.

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

McAfee Agent bug lets hackers run code with Windows SYSTEM privileges

Bleeping Computer

McAfee has patched a security vulnerability discovered in the company's McAfee Agent software for Windows enabling attackers to escalate privileges and execute arbitrary code with SYSTEM privileges.

Software 145

Hackers Planted Secret Backdoor in Dozens of WordPress Plugins and Themes

The Hacker News

In yet another instance of software supply chain attack, dozens of WordPress themes and plugins hosted on a developer's website were backdoored with malicious code in the first half of September 2021 with the goal of infecting further sites.

Software 144

More Trending

Chinese Hackers Spotted Using New UEFI Firmware Implant in Targeted Attacks

The Hacker News

A previously undocumented firmware implant deployed to maintain stealthy persistence as part of a targeted espionage campaign has been linked to the Chinese-speaking Winnti advanced persistent threat group (APT41).

Firmware 138

How to Build a Security Awareness Training Program

Security Boulevard

With increased digitization of everything post-pandemic, cybersecurity has become a top concern for global CEOs with almost half planning to increase cybersecurity investment by 9%, according to PwC. Since 85% of breaches involve human error, throwing more money at the problem by buying the latest cybersecurity technology may hit a point of diminishing returns.

A bug in McAfee Agent allows running code with Windows SYSTEM privileges

Security Affairs

McAfee addressed a security flaw in its McAfee Agent software for Windows that allows running arbitrary code with SYSTEM privileges. McAfee (now Trellix) has addressed a high-severity vulnerability, tracked as CVE-2022-0166, that resides in McAfee Agent software for Windows. An attacker can exploit this flaw to escalate privileges and execute arbitrary code with SYSTEM privileges.

Software 138

CISA, Microsoft Warn of Wiper Malware Amid Russia-Ukraine Tensions

eSecurity Planet

The U.S. government agency overseeing cybersecurity is urging the country’s businesses and other organizations to take the necessary steps to protect their networks from any spillover that might occur from the ongoing cyberattacks aimed at Ukraine government agencies and private companies. In an alert issued this week, the Cybersecurity and Infrastructure Security Agency (CISA) cited a series of cyberattacks perpetrated against public and private Ukrainian organizations as tensions between Ukra

Malware 133

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

McAfee, FireEye merger yields Trellix, a unified XDR security company

CSO Magazine

Trellix, a new company formed from the merger of cybersecurity giants McAfee Enterprise and FireEye, is intent on becoming the leader in XDR (extended detection and response) technology by combining applications from both of the formerly separate companies into an interoperable suite of products for threat prevention, detection and response. The strategy and the new company name were revealed this week by corporate parent Symphony Technology Group (STG), which acquired and merged McAfee Enterpri

Biden Signs Authority for NSS to NSA: Think CISA for Military, Intel Systems

Security Boulevard

Depending on how you look at it, President Biden’s Wednesday memorandum—which gave the NSA the type of authority over agencies operating national security systems that the Cybersecurity and Information Security Agency (CISA) has on civilian agencies—is either an example of the administration delivering on its promise to bolster cybersecurity or an example of it being.

Attackers use public cloud providers to spread RATs

CSO Magazine

A campaign that uses public cloud service providers to spread malware has been discovered by Cisco Talos. The offensive is the latest example of threat actors abusing cloud services like Microsoft Azure and Amazon Web Services for malicious purposes, security researchers Chetan Raghuprasad and Vanja Svajcer wrote in the Talos blog. To camouflage their activity, the researchers noted, the hackers used the DuckDNS dynamic DNS service to change the domain names of the command-and-control hosts used

DNS 131

Do you fear being wrong?

Security Boulevard

Do you fear being wrong? We’re under a lot of pressure to always know the right answer. What is it you fear the most – being wrong, not knowing the answer, or something else? Take a moment to explore fear, sometimes explained as: False Evidence Appearing Real Real or not, fear affects everything we do. […]. The post Do you fear being wrong? appeared first on Security Boulevard.

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Over 90 WordPress themes, plugins backdoored in supply chain attack

Bleeping Computer

A massive supply chain attack compromised 93 WordPress themes and plugins to contain a backdoor, giving threat-actors full access to websites.

Analysis of Xloader’s C2 Network Encryption

Security Boulevard

Introduction. Xloader is an information stealing malware that is the successor to Formbook, which had been sold in hacking forums since early 2016. In October 2020, Formbook was rebranded as Xloader and some significant improvements were introduced, especially related to the command and control (C2) network encryption. With the arrival of Xloader, the malware authors also stopped selling the panel’s code together with the malware executable.

Microsoft starts force installing Windows 10 21H2 on more devices

Bleeping Computer

Microsoft has started the forced rollout of Windows 10, version 21H2 to more devices approaching the end of service (EOS) as part of a first machine learning (ML) training phase.

McAfee Bug Can Be Exploited to Gain Windows SYSTEM Privileges

Threatpost

McAfee has patched two high-severity bugs in its Agent component, one of which can allow attackers to achieve arbitrary code execution with SYSTEM privileges.

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

SonicWall shares temp fix for firewalls stuck in reboot loop

Bleeping Computer

Following a stream of customer reports that started yesterday evening, security hardware manufacturer SonicWall has provided a temporary workaround for reviving next-gen firewalls running SonicOS 7.0 stuck in a reboot loop.

Firewall 126

Security hygiene and posture management: A 2022 priority

CSO Magazine

While cybersecurity is complex and multifaceted, security certifications (i.e., CISSP common body of knowledge 8 domains), regulations (i.e., HIPAA, PCI DSS, etc.), and best practices (i.e., CIS critical security controls) all recommend starting cybersecurity programs at the same place: security hygiene and posture management. Experts agree that strong cybersecurity starts with the basics, like knowing about all IT assets deployed, establishing secure configurations, monitoring “drift” from

Microsoft disables Excel 4.0 macros by default to block malware

Bleeping Computer

Microsoft has announced that Excel 4.0 (XLM) macros will now be disabled by default to protect customers from malicious documents.

Malware 142

AMAZON S3 BUCKET – A Quick Overview

Security Boulevard

In the last few years, Amazon S3 buckets have been linked to around 16 percent of cloud security breaches. ([link] What are Amazon S3 buckets, and what can users do to avoid becoming the next headline? In this blog article, we’ll go over the basics of Amazon S3 as well as several important security considerations […]. The post AMAZON S3 BUCKET – A Quick Overview appeared first on Kratikal Blogs.

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

REvil Ransomware Gang Arrests Trigger Uncertainty, Concern in Cybercrime Forums

Dark Reading

Threat actors from Eastern Europe seen expressing some concern about Russia being a safe place for them to continue operating, researchers say.

Joy Of Tech® ‘The Internet Isn’t Fair’

Security Boulevard

via the Comic Noggins of Nitrozac and Snaggy at The Joy of Tech®! Permalink. The post Joy Of Tech® ‘The Internet Isn’t Fair’ appeared first on Security Boulevard.

Internet 120

MoonBounce UEFI implant used by spy group brings firmware security into spotlight

CSO Magazine

Researchers uncovered a stealthy UEFI rootkit that's being used in highly targeted campaigns by a notorious Chinese cyberespionage group with suspected government ties. The group is known for using software supply-chain attacks in the past. Dubbed MoonBounce by researchers from Kaspersky Lab, the implant's goal is to inject a malicious driver into the Windows kernel during the booting stages, providing attackers with a high level of persistence and stealthiness.

Firmware 116

How to Back Up and Restore Your Linux System Using the Rsync Utility

Security Boulevard

Don't take server backups for granted. Learn how to back up and restore your Linux system using the rsync utility. The post How to Back Up and Restore Your Linux System Using the Rsync Utility appeared first on JumpCloud. The post How to Back Up and Restore Your Linux System Using the Rsync Utility appeared first on Security Boulevard.

Backups 117

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

CISA calls for urgent action against critical threats

Malwarebytes

In a CISA Insights bulletin the Cybersecurity & Infrastructure Security Agency (CISA) warns that every organization in the United States is at risk from cyber threats that can disrupt essential services and potentially result in impacts to public safety. The warning specifically reminds readers of the recent developments in the Ukraine where public and private entities have suffered a series of malicious cyber incidents.

Backups 114

How to Automate Response to Credential Compromises

Security Boulevard

When enterprises implement low-code security automation solutions, they have the opportunity to mature as a security team by expanding actionability beyond the security operations center (SOC). This means that they automate use cases beyond the basic security orchestration automation and response (SOAR) use cases, like phishing. Once security teams move high-volume work off their plate, they are able to automate.

Phishing 117

A Vulnerability in the WordPress Plugin Can Expose Users of 20k Websites to Phishing Attacks

Heimdal Security

A high-severity bug in the WordPress Email Template Designer WP HTML Mail, which is installed in more than 20,000 websites, can lead to code injection and the distribution of persuasive phishing emails. WordPress WP HTML Mail is a plugin for creating tailored emails, contact form alerts, and other custom messages that digital platforms send to […].

Phishing 113

New Log4j 1.x CVEs, and critical Chainsaw Vulnerability — What to Do?

Security Boulevard

This week Apache disclosed 3 vulnerabilities impacting Log4j 1.x versions. The post New Log4j 1.x CVEs, and critical Chainsaw Vulnerability — What to Do? appeared first on Security Boulevard.

Firewall 113

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.