December, 2020

article thumbnail

NSA on Authentication Hacks (Related to SolarWinds Breach)

Schneier on Security

The NSA has published an advisory outlining how “malicious cyber actors” are “are manipulating trust in federated authentication environments to access protected data in the cloud.” This is related to the SolarWinds hack I have previously written about , and represents one of the techniques the SVR is using once it has gained access to target networks.

article thumbnail

VMware Flaw a Vector in SolarWinds Breach?

Krebs on Security

U.S. government cybersecurity agencies warned this week that the attackers behind the widespread hacking spree stemming from the compromise at network software firm SolarWinds used weaknesses in other, non-SolarWinds products to attack high-value targets. According to sources, among those was a flaw in software virtualization platform VMware , which the U.S.

Software 354
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Weekly Update 222

Troy Hunt

I'm live again! Well, I was live having found enough connectivity in Port Douglas to go back to streaming. I'll still be here next week too and will plan on doing a Christmas morning stream from the same location. I talk a bunch about the trip and what I'm seeing in Aus in the latter part of this video, it's a truly amazing place I'm only just getting to really see extensively now.

article thumbnail

Hacked IoT Devices Livestreaming Swatting Attacks: FBI

Adam Levin

Hackers are using internet-connected home devices to livestream “swatting” attacks, according to the FBI. Swatting is a dangerous prank where emergency services are called to respond to a life threatening situation that requires immediate intervention by police and/or S.W.A.T. teams. In a public service announcement issued December 29, the FBI warned that “offenders have been using stolen e-mail passwords to access smart devices with cameras and voice capabilities and carry out swatting attacks.

IoT 300
article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

Machine learning: A cheat sheet

Tech Republic Security

From Apple to Google to Toyota, companies across the world are pouring resources into developing AI systems with machine learning. This comprehensive guide explains what machine learning really means.

218
218
article thumbnail

New Golang-based Crypto worm infects Windows and Linux servers

Security Affairs

Experts from Intezer discovered a new and self-spreading Golang-based malware that targets Windows and Linux servers. Experts from Intezer discovered a Golang-based worm that targets Windows and Linux servers. The malware has been active since early December targeting public-facing services, including MySQL, Tomcat admin panel and Jenkins that are protected with weak passwords.

Malware 145

More Trending

article thumbnail

SolarWinds Hack Could Affect 18K Customers

Krebs on Security

The still-unfolding breach at network management software firm SolarWinds may have resulted in malicious code being pushed to nearly 18,000 customers, the company said in a legal filing on Monday. Meanwhile, Microsoft should soon have some idea which and how many SolarWinds customers were affected, as it recently took possession of a key domain name used by the intruders to control infected systems.

Hacking 342
article thumbnail

Weekly Update 221

Troy Hunt

Well this is different; a weekly update bereft of neon studio lighting and instead done from the great outdoors, complete with all sorts of animal noises and a (probably) drunk green tree frog. I picked one of my favourite travelling companions to join me this week, a little guy I last did one of these with in a very different environment back in Oslo earlier this year.

article thumbnail

Latest on SolarWinds Cyber Attack: 'Grave Impact'

SecureWorld News

When news broke a few days ago that IT management company SolarWinds was compromised in a supply chain cyber attack, we discovered that attackers accessed both the U.S Treasury Department and the Department of Commerce. Read the related story. Now we know that was just the start. Here are updates coming in: CISA emergency directive to unplug SolarWinds Orion products.

article thumbnail

Phone scammers were able to get 270% more personal information in 2020 than in 2019

Tech Republic Security

The COVID-19 crisis enabled scammers to take advantage of the guileless, as bad actors were able to extract personal information from targets, according to a new report from First Orion.

217
217
article thumbnail

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

article thumbnail

WordPress Easy WP SMTP zero-day potentially exposes hundreds of thousands of sites to hack

Security Affairs

Threat actors are actively exploiting a zero-day vulnerability in the popular Easy WP SMTP WordPress plugin installed on more than 500,000 sites. Hackers are actively exploiting a zero-day vulnerability in the popular Easy WP SMTP WordPress plugin to reset passwords for admin accounts. The SMTP WordPress plugin is installed on more than 500,000 sites, but despite the security patch has been released earlier this week many sites are yet to be patched.

Hacking 145
article thumbnail

US Schools Are Buying Cell Phone Unlocking Systems

Schneier on Security

Gizmodo is reporting that schools in the US are buying equipment to unlock cell phones from companies like Cellebrite: Gizmodo has reviewed similar accounting documents from eight school districts, seven of which are in Texas, showing that administrators paid as much $11,582 for the controversial surveillance technology. Known as mobile device forensic tools (MDFTs), this type of tech is able to siphon text messages, photos, and application data from student’s devices.

article thumbnail

Malicious Domain in SolarWinds Hack Turned into ‘Killswitch’

Krebs on Security

A key malicious domain name used to control potentially thousands of computer systems compromised via the months-long breach at network monitoring software vendor SolarWinds was commandeered by security experts and used as a “killswitch” designed to turn the sprawling cybercrime operation against itself, KrebsOnSecurity has learned. Austin, Texas-based SolarWinds disclosed this week that a compromise of its software update servers earlier this year may have resulted in malicious code

Hacking 340
article thumbnail

SolarWinds Orion Hack…A Cybersecurity Wake-Up Call

CompTIA on Cybersecurity

As the dust settles on the Solar Winds Orion cyberattack, it's clear that the IT industry needs to take the next step and band together, sharing threat intelligence and cyber best practices to avoid similar hacks in the future.

Hacking 141
article thumbnail

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

article thumbnail

Hey Alexa, Who Am I Messaging?

Threatpost

Research shows that microphones on digital assistants are sensitive enough to record what someone is typing on a smartphone to steal PINs and other sensitive info.

IoT 145
article thumbnail

Phishing emails: More than 25% of American workers fall for them

Tech Republic Security

A new global report on phishing attempts shows how the workforce has responded to security threats since COVID-19, and the new vulnerabilities that have resulted from the remote work landscape.

Phishing 212
article thumbnail

SUPERNOVA, a Backdoor Found While Investigating SolarWinds Hack

Security Affairs

While investigating the recent SolarWinds Orion supply-chain attack security researchers discovered another backdoor, tracked SUPERNOVA. The investigation of the SolarWinds Orion supply-chain attack revealed the existence of another backdoor that was likely used by a separate threat actor.

Hacking 145
article thumbnail

More on the SolarWinds Breach

Schneier on Security

The New York Times has more details. About 18,000 private and government users downloaded a Russian tainted software update –­ a Trojan horse of sorts ­– that gave its hackers a foothold into victims’ systems, according to SolarWinds, the company whose software was compromised. Among those who use SolarWinds software are the Centers for Disease Control and Prevention, the State Department, the Justice Department, parts of the Pentagon and a number of utility companies.

Passwords 354
article thumbnail

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.

article thumbnail

Payment Processing Giant TSYS: Ransomware Incident “Immaterial” to Company

Krebs on Security

Payment card processing giant TSYS suffered a ransomware attack earlier this month. Since then reams of data stolen from the company have been posted online, with the attackers promising to publish more in the coming days. But the company says the malware did not jeopardize card data, and that the incident was limited to administrative areas of its business.

article thumbnail

2021 Security Budgets: Top Priorities, New Realities

Dark Reading

An unprecedented 2020 has shaken up security leaders' usual list of must-have technologies. What's on the horizon? They share with us their spending plans for 2021.

article thumbnail

The Most Dangerous People on the Internet in 2020

WIRED Threat Level

This year saw plenty of destructive hacking and disinformation campaigns—but amid a pandemic and a historic election, the consequences have never been graver.

Internet 145
article thumbnail

Android security: The last piece of advice you'll need for 2020

Tech Republic Security

Jack Wallen takes one more opportunity to remind Android device owners to use those phones with a great deal of caution; otherwise, they could become victims of malware.

Malware 214
article thumbnail

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.

article thumbnail

OpenSSL is affected by a ‘High Severity’ security flaw, update it now

Security Affairs

The OpenSSL Project disclosed a serious security vulnerability in TLS/SSL toolkit that exposes users to denial-of-service (DoS) attacks. The OpenSSL Project warned of a ‘high-severity’ security vulnerability in the TLS/SSL toolkit that exposes users to denial-of-service (DoS) attacks. The flaw is a null pointer dereference, successful exploitation could trigger denial-of-service conditions.

Hacking 145
article thumbnail

How China Uses Stolen US Personnel Data

Schneier on Security

Interesting analysis of China’s efforts to identify US spies: By about 2010, two former CIA officials recalled, the Chinese security services had instituted a sophisticated travel intelligence program, developing databases that tracked flights and passenger lists for espionage purposes. “We looked at it very carefully,” said the former senior CIA official.

Hacking 352
article thumbnail

Account Hijacking Site OGUsers Hacked, Again

Krebs on Security

For at least the third time in its existence, OGUsers — a forum overrun with people looking to buy, sell and trade access to compromised social media accounts — has been hacked. An offer by the apparent hackers of OGUsers, offering to remove account information from the eventual database leak in exchange for payment. Roughly a week ago, the OGUsers homepage was defaced with a message stating the forum’s user database had been compromised.

article thumbnail

We Have a National Cybersecurity Emergency -- Here's How We Can Respond

Dark Reading

Let's prioritize bipartisan strategic actions that can ensure our national security and strengthen the economy. Here are five ideas for how to do that.

article thumbnail

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

So, you’ve accomplished an organization-wide SaaS adoption. It started slow, and now just a few team members might be responsible for running Salesforce, Slack, and a few others applications that boost productivity, but it’s all finished. Or is it? Through all the benefits offered by SaaS applications, it’s still a necessity to onboard providers as quickly as possible.

article thumbnail

FBI Warn Hackers are Using Hijacked Home Security Devices for ‘Swatting’

Threatpost

Stolen email credentials are being used to hijack home surveillance devices, such as Ring, to call police with a fake emergency, then watch the chaos unfold.

article thumbnail

Top 5 tech skills to master in 2021

Tech Republic Security

If you want to improve or expand your current skill set, there are a few options you can focus on. Tom Merritt lists five tech skills to master in the coming year.

218
218
article thumbnail

VMware and Cisco also impacted by the SolarWinds hack

Security Affairs

The IT giants VMware and Cisco revealed they were impacted by the recently disclosed SolarWinds supply chain attack. VMware and Cisco confirmed to have been both impacted by the recent SolarWinds hack. A recent advisory published by the NSA is warning that Russian state-sponsored hackers are exploiting the recently patched CVE-2020-4006 VMware flaw to steal sensitive information from their targets.

Hacking 143
article thumbnail

Finnish Data Theft and Extortion

Schneier on Security

The Finnish psychotherapy clinic Vastaamo was the victim of a data breach and theft. The criminals tried extorting money from the clinic. When that failed, they started extorting money from the patients : Neither the company nor Finnish investigators have released many details about the nature of the breach, but reports say the attackers initially sought a payment of about 450,000 euros to protect about 40,000 patient records.

article thumbnail

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

Did you know that 2021 was a record-breaking year for ransomware? The days of a “once in a while” attack against businesses and organizations are over. Cyberthreats have become a serious issue. With 495.1 million attacks, the threat marked a 148% increase compared to 2020 and was the most expensive year on record! As a result, data protection needs to be a concern for most banks, businesses, and information technology specialists.