Sat. May 28, 2022 - Fri. Jun 03, 2022

The Limits of Cyber Operations in Wartime

Schneier on Security

Interesting paper by Lennart Maschmeyer: “The Subversive Trilemma: Why Cyber Operations Fall Short of Expectations”: Abstract: Although cyber conflict has existed for thirty years, the strategic utility of cyber operations remains unclear.

Detection as Code? No, Detection as COOKING!

Anton on Security

One of the well-advertised reasons for being in the office is about those “magical hallway conversations” (Google it). One happened to me a few days ago and led to a somewhat heated debate on the nature of modern threat detection.

What Counts as “Good Faith Security Research?”

Krebs on Security

The U.S. Department of Justice (DOJ) recently revised its policy on charging violations of the Computer Fraud and Abuse Act (CFAA), a 1986 law that remains the primary statute by which federal prosecutors pursue cybercrime cases.

Can Privacy, Security and Ease of Use Work Together?

Lohrman on Security

In this interview with Washington state Chief Privacy Officer Katy Ruckle, we explore the role of data privacy in providing government services.

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

Through a detailed analysis of major attacks and their consequences, Karl Camilleri, Cloud Services Product Manager at phoenixNAP, will discuss the state of ransomware and future predictions, as well as provide best practices for attack prevention and recovery.

Remotely Controlling Touchscreens

Schneier on Security

Researchers have demonstrated controlling touchscreens at a distance, at least in a laboratory setting: The core idea is to take advantage of the electromagnetic signals to execute basic touch events such as taps and swipes into targeted locations of the touchscreen with the goal of taking over remote control and manipulating the underlying device.

GUEST ESSAY: A Memorial Day call to upskill more veterans for in-demand cybersecurity roles

The Last Watchdog

It’s no secret that cybersecurity roles are in high demand. Today there are more than 500,000 open cybersecurity roles in the U.S., leaving organizations vulnerable to cyber threats. Related: Deploying employees as threat sensors. Meanwhile, 200,000 well-trained and technically skilled military service members are discharged each year. These individuals have many transferable skills that would make cybersecurity a prosperous civilian career.

More Trending

Alert! Unpatched critical Atlassian Confluence Zero-Day RCE flaw actively exploited

Security Affairs

Atlassian warned of an actively exploited critical unpatched remote code execution flaw (CVE-2022-26134) in Confluence Server and Data Center products.

Security and Human Behavior (SHB) 2022

Schneier on Security

Today is the second day of the fifteenth Workshop on Security and Human Behavior, hosted by Ross Anderson and Alice Hutchings at the University of Cambridge. After two years of having this conference remotely on Zoom, it’s nice to be back together in person.

RSAC insights: Malware is now spreading via weaponized files circulating in data lakes, file shares

The Last Watchdog

The zero trust approach to enterprise security is well on its way to mainstream adoption. This is a very good thing. Related: Covid 19 ruses used in email attacks. At RSA Conference 2022, which takes place next week in San Francisco, advanced technologies to help companies implement zero trust principles will be in the spotlight. Lots of innovation has come down the pike with respect to imbuing zero trust into two pillars of security operations: connectivity and authentication.

AppSec Decoded: Security at the speed of DevOps

Security Boulevard

Learn about today’s DevOps challenges and what organizations can do to improve security in their processes without compromising speed. The post AppSec Decoded: Security at the speed of DevOps appeared first on Application Security Blog.

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

In this webinar, Ronald Eddings, Cybersecurity Expert, will outline the relationship between SaaS apps and IT & security teams, along with several actionable solutions to overcome the new difficulties facing your organization.

Clipminer Botnet already allowed operators to make at least $1.7 Million

Security Affairs

The Clipminer botnet allowed operators to earn at least $1.7 million, according to a report published by security researchers at Symantec. Researchers at Symantec’s Threat Hunter Team uncovered a cryptomining operation that has potentially made the actors behind it at least $1.7

Clever — and Exploitable — Windows Zero-Day

Schneier on Security

Researchers have reported a still-unpatched Windows zero-day that is currently being exploited in the wild. Here’s the advisory, which includes a work-around until a patch is available.

RSAC insights: How ‘TPRM’ can help shrink security skills gap — while protecting supply chains

The Last Watchdog

Third-Party Risk Management (TPRM) has been around since the mid-1990s – and has become something of an auditing nightmare. Related: A call to share risk assessments. Big banks and insurance companies instilled the practice of requesting their third-party vendors to fill out increasingly bloated questionnaires, called bespoke assessments, which they then used as their sole basis for assessing third-party risk. TPRM will be in the spotlight at the RSA Conference 2022 next week in San Francisco.

GitLab Issues Security Patch for Critical Account Takeover Vulnerability

The Hacker News

GitLab has moved to address a critical security flaw in its service that, if successfully exploited, could result in an account takeover. Tracked as CVE-2022-1680, the issue has a CVSS severity score of 9.9 and was discovered internally by the company.

How to Avoid the Pain and Cost of PCI Compliance While Optimizing Payments

Speaker: P. Andrew Sjogren, Sr. Product Marketing Manager at Very Good Security, Matt Doka, Co-Founder and CTO of Fivestars, and Steve Andrews, President & CEO of the Western Bankers Association 

In this webinar, we have a great set of panelists who will take you through how Zero Data strategies can be used as part of a well-rounded compliance and security approach, and get you to market much sooner by also allowing for payment optimization. They’ll share how to grow your business faster and minimize costs for both security and compliance

Multiple Microsoft Office versions impacted by an actively exploited zero-day

Security Affairs

A zero-day flaw in Microsoft Office could be exploited by attackers to achieve arbitrary code execution on Windows systems. The cybersecurity researcher nao_sec discovered a malicious Word document (“05-2022-0438.doc”) that was uploaded to VirusTotal from Belarus.

Me on Public-Interest Tech

Schneier on Security

Back in November 2020, in the middle of the COVID-19 pandemic, I gave a virtual talk at the International Symposium on Technology and Society: “The Story of the Internet and How it Broke Bad: A Call for Public-Interest Technologists.”

RSAC insights: Software tampering escalates as bad actors take advantage of ‘dependency confusion’

The Last Watchdog

It’s not difficult to visualize how companies interconnecting to cloud resources at a breakneck pace contribute to the outward expansion of their networks’ attack surface. Related: Why ‘SBOM’ is gaining traction. If that wasn’t bad enough, the attack surface companies must defend is expanding inwardly, as well – as software tampering at a deep level escalates.

EnemyBot Linux Botnet Now Exploits Web Server, Android and CMS Vulnerabilities

The Hacker News

A nascent Linux-based botnet named Enemybot has expanded its capabilities to include recently disclosed security vulnerabilities in its arsenal to target web servers, Android devices, and content management systems (CMS).

Back to the Office: Privacy and Security Solutions to Compliance Issues for 2021 and Beyond

Speaker: Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies

Now that companies are slowly allowing employees to return to work at the office, it's time to re-evaluate your company’s posture towards privacy and security. Join Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies, for a discussion that will focus on compliance and the types of privacy and security measures your company should be aware of, as well as tips and methods for implementing these measures.

Follina — a Microsoft Office code execution vulnerability

DoublePulsar

Two days ago, Nao_sec identified an odd looking Word document in the wild, uploaded from an IP address in Belarus:

Experts uncovered over 3.6M accessible MySQL servers worldwide

Security Affairs

Researchers uncovered 3.6M accessible MySQL servers worldwide that represent a potential attack surface for their owners. Researchers from Shadow Server scanned the internet for publicly accessible MySQL server instances on port 3306/TCP and uncovered 3.6M

RSAC insights: Concentric AI directs Google’s search techniques towards locking down data sprawl

The Last Watchdog

In order to extract value from the Internet, data sprawl first must get reined in. This has always been the case. Related: Equipping SOCs for the long haul. What good is connecting applications, servers and networks across the public cloud if you’re unable to securely operationalize the datasets that these interconnected systems store and access? Solving data sprawl has now become a focal point of cybersecurity. It’s about time.

Critical OAS Bugs Open Industrial Systems to Takeover

Dark Reading

The most serious flaw gives attackers a way to remotely execute code on systems that many organizations use to move data in critical ICS environments, security vendor says

Vulnerabilities on UNISOC Processors loaded Android Phones

CyberSecurity Insiders

All those who are using an Android phone running on a UNISOC chipset are being warned that their devices are vulnerable to remote attacks in which cyber crooks can block or intercept communications and manipulate them thereafter.

Microsoft Finds Critical Bugs in Pre-Installed Apps on Millions of Android Devices

The Hacker News

Four high severity vulnerabilities have been disclosed in a framework used by pre-installed Android System apps with millions of downloads.

RSAC insights: Why vulnerability management absolutely must shift to a risk-assessment approach

The Last Watchdog

Vulnerability management, or VM, has long been an essential, if decidedly mundane, component of network security. Related: Log4J’s long-run risks. That’s changing — dramatically. Advanced VM tools and practices are rapidly emerging to help companies mitigate a sprawling array of security flaws spinning out of digital transformation. I visited with Scott Kuffer, co-founder and chief operating officer of Sarasota, FL-based Nucleus Security, which is in the thick of this development.

MLOps vs AIOps: What’s the difference?

Security Boulevard

An overview of the MLOps and AIOps worlds to understand what they mean, how they relate to DevOps, and how they compare in terms of benefits. The post MLOps vs AIOps: What’s the difference? appeared first on Security Boulevard.

Italy on high alert as Russian Killnet group starts Cyber Attacks

CyberSecurity Insiders

Italy has placed all its Critical Infrastructure on high alert as it is facing a cyber threat from the Pro-Russian hacking group Killnet.

Watch Out! Researchers Spot New Microsoft Office Zero-Day Exploit in the Wild

The Hacker News

Cybersecurity researchers are calling attention to a zero-day flaw in Microsoft Office that could be abused to achieve arbitrary code execution on affected Windows systems.

RSAC insights: ‘SaaS security posture management’ — SSPM — has emerged as a networking must-have

The Last Watchdog

Companies have come to depend on Software as a Service – SaaS — like never before. Related: Managed security services catch on. From Office 365 to Zoom to Salesforce.com, cloud-hosted software applications have come to make up the nerve center of daily business activity. Companies now reach for SaaS apps for clerical chores, conferencing, customer relationship management, human resources, salesforce automation, supply chain management, web content creation and much more, even security.

New XLoader Botnet version uses new techniques to obscure its C2 servers

Security Affairs

A new version of the XLoader botnet is implementing a new technique to obscure the Command and Control infrastructure.

US Universities credentials published on dark web

CyberSecurity Insiders

The Federal Bureau of Investigation, aka FBI, has issued a notification that student credentials from many renowned colleges and universities operating in the US were up for sale on the dark web and some public domains.

Building America's Cybersecurity Infrastructure

Dark Reading

The government is putting the right skills and expertise in place to fight the rising cyber threat

Mysterious “Follina” zero-day hole in Office – what to do?

Naked Security

News has emerged of a "feature" in Office that has been abused as a zero-day bug to run evil code. Turning off macros doesn't help!
