Cyber Security Informer

Thieves Using AirTags to “Follow” Cars

Schneier on Security

DECEMBER 6, 2021

Brand name “air tags” are placed in out-of-sight areas of the target vehicles when they are parked in public places like malls or parking lots. Apple responded with a slew of anti-stalking measures , but those are more intended for keeping people safe than cars.

Burger King forgets to put a password on their systems, again

Security Affairs

AUGUST 2, 2023

Another piece of sensitive information that the research team observed included a Google Tag Manager ID. Google Tag Manager is a tool used to optimize update measurement codes and related code fragments, collectively known as tags, on a website or mobile app.

Passwords

Passwords Accountability Mobile Hacking

Retrofitting Temporal Memory Safety on C++

Google Security

MAY 26, 2022

To further quantify this overhead, we use a selected set of Chrome’s real-world browsing benchmarks to measure memory consumption. Hardware Memory Tagging to the Rescue MTE (Memory Tagging Extension) is a new extension on the ARM v8.5A Every 16 bytes of memory are assigned a 4-bit tag. The extension works as follows.

Technology

Technology Architecture Authentication Software

Arm, Qualcomm Patch Multiple Zero-Days Reported by Google

SecureWorld News

OCTOBER 5, 2023

In the case of Qualcomm, the situation became critical when Google's Threat Analysis Group (TAG) and Project Zero teams discovered several vulnerabilities, including CVE-2023-33106, CVE-2023-33107, CVE-2023-33063, and CVE-2022-22071. Arm also found itself in a similar predicament.

Manufacturing

Manufacturing Risk Software Cybersecurity

RFID: Is it Secret? Is it Safe?

Approachable Cyber Threats

JULY 19, 2022

RFID uses electromagnetic fields in the form of radio waves to establish communication links between an RFID tag or transmitter and an RFID reader or receiver. Pieces of information are transmitted through the link that the reader uses to establish authenticity of the tag or transmitter and authorize access. Is RFID secure?

Risk

Risk Encryption Technology Retail

Indian power generation giant Tata Power hit by a cyber attack

Security Affairs

OCTOBER 15, 2022

“All critical operational systems are functioning; however, as a measure of abundant precaution, restricted access and preventive checks have been put in place for employee and customer facing portals and touch points.” The Company has taken steps to retrieve and restore the systems.” ” reported The Economic Times. .”

Cyber Attacks

Cyber Attacks Hacking Technology Risk

Quebec shuts down thousands of sites as disclosure of the Log4Shell flaw

Security Affairs

DECEMBER 12, 2021

Quebec shut down nearly 4,000 of its sites as a preventative measure after the disclosure of a PoC exploit for the Log4Shell flaw ( CVE-2021-44228 ) in the Apache Log4j Java-based logging library. Query our API for "tags=CVE-2021-44228" for source IP addresses and other IOCs. Tags available to all users and customers now. .

Digital transformation

Digital transformation Education Government Hacking

Google warned users of 33,015 nation-state attacks since January

Security Affairs

OCTOBER 17, 2020

Shane Huntley, Director at Google’s Threat Analysis Group (TAG), revealed that her team has shared its findings with the campaigns and the Federal Bureau of Investigation. ” reads the report published by Google TAG. SecurityAffairs – hacking, Google TAG). According to Google, the alerts are shown to up to 0.1%

DDOS

DDOS Phishing Advertising Accountability

Five Key Points When Preventing Cybersecurity Attacks in a World of Hybrid Working

Security Boulevard

AUGUST 30, 2021

tag=Endpoint Protection'>Endpoint Protection</a> <a href='/blog?tag=Data tag=Data Loss Prevention'>Data Loss Prevention</a> <a href='/blog?tag=File tag=File Transfers'>File Transfers</a> <a href='/blog?tag=Advanced <a href='/blog?tag=Endpoint Additional Resources. Featured: .

Social Engineering

Social Engineering Cybersecurity Unstructured Data Engineering

News Alert: Dasera unveils new data security and governance platform for ‘Snowflake’ users

The Last Watchdog

JUNE 23, 2023

Chaudhuri With advanced data security measures, comprehensive governance controls, and Dasera’s powerful query analysis engine, organizations can confidently leverage their data to drive insights, make informed decisions, and achieve their strategic objectives.

Government

Government Engineering Risk Healthcare

Google announces V8 Sandbox to protect Chrome users

Security Affairs

APRIL 9, 2024

“In particular, neither switching to a memory safe language , such as Rust, nor using current or future hardware memory safety features, such as memory tagging , can help with the security challenges faced by V8 today.” .” reads the announcement.

Engineering

Engineering Software Hacking Information Security

SAP Patch Day: December 2023

Security Boulevard

DECEMBER 12, 2023

SAP Security Note #3350297 , tagged with a CVSS score of 9.1, The New HotNews Note in Detail SAP Security Note #3411067 , tagged with a CVSS score of 9.1, High Priority SAP Security Notes SAP Security Notes #3394567 , tagged with a CVSS score of 8.1, SAP Security Notes #3382353 , tagged with a CVSS score of 7.5,

Passwords

Passwords Technology Mobile Government

Data Loss Prevention: Best Practices for Secure Data Management

Centraleyes

APRIL 16, 2024

This involves evaluating the sensitivity and criticality of different data types, understanding potential threats, and aligning protective measures based on the assessed risks. Organizations can precisely tailor protective measures by understanding the landscape of sensitive information.

Encryption

Encryption Education Risk Healthcare

ProxyNotShell Finally Gets Patched by Microsoft

eSecurity Planet

NOVEMBER 10, 2022

“During this period, Microsoft proposed some mitigation measures , which it revised in response to intense criticism,” Walters added. “However, even the revised measures have not been a panacea, so it is good news that an official patch is available now. Installing it promptly is highly advisable.”

Phishing

Phishing Malware Cybersecurity Network Security

ISaPWN – research on the security of ISaGRAF Runtime

SecureList

MAY 23, 2022

An attacker that can carry out a MitM attack will be able to overwrite tag statuses, the program being downloaded to the device, or authentication data. A remote attacker could easily implement a password brute force attack in ISaGRAF Runtime.

Architecture

Architecture Authentication Passwords Encryption

[Full-Disclosure] HideezKey 2 FAIL: How a good idea turns into a SPF (Security Product Failure)

Security Affairs

MAY 7, 2021

Luckily for us, there was none of these anti-tampering measures in place. RFID Feature: One clue still left (from a hardware security POV) was about the RFID tag. Anyway, long-story-short, I wanted to check with my Proxmark what tag is that: it appears being a classic T55xx re-writable tag. meh…).

Firmware

Firmware Passwords Password Management Encryption

Best Practice Steps for Safe Data Sharing

Security Boulevard

MAY 24, 2021

tag=Data Security'>Data Security</a> <a href='/blog?tag=Data tag=Data Breach'>Data Breach</a> <a href='/blog?tag=Information In deciding the most appropriate way to do this and the level of security required, organizations should take a risk-based approach in determining appropriate measures.

Data breaches

Data breaches Risk Government Encryption

What Is a Backdoor Attack?

SiteLock

AUGUST 27, 2021

Taking proactive measures to secure your website and prevent backdoor attacks is critical if you want to avoid the financial fallout of a successful attack. As cybercrime increases, your security measures should, too. If your small business hasn’t yet taken measures to prevent a backdoor attack, now is the time to do so.

Small Business

Small Business Cybercrime Malware Backups

Wireless Security: WEP, WPA, WPA2 and WPA3 Explained

eSecurity Planet

MARCH 1, 2023

Without sufficient security measures, unauthorized users can easily gain access to a wireless network, steal sensitive data, and disrupt network operations. Using security measures such as encryption protocols, access control rules, and authentication procedures prevents unauthorized access and safeguards these wireless networks.

Wireless

Wireless Encryption Authentication IoT

Google mitigated a 2.54 Tbps DDoS attack in 2017, the largest DDoS ever seen

Security Affairs

OCTOBER 16, 2020

A report published by the Google Threat Threat Analysis Group (TAG) speculates that the attack was carried out by a state-sponsored threat actor. “we’ve seen bigger players increase their capabilities in launching large-scale attacks in recent years. ” reads the report published by Google.

DDOS

DDOS DNS Advertising Engineering

The Price Tag for Secure Systems is Way Too High

CyberSecurity Insiders

JANUARY 3, 2023

This not only provides some breathing room for cybersecurity teams, but it allows them to get ahead of threat actors, to stop wasting time putting out fires, and to start building effective preventative cybersecurity measures. Instead, they must pivot their approach and adopt preventative measures. Cloud-Native Service.

Artificial Intelligence

Artificial Intelligence Cybersecurity Phishing Technology

California University Pays $1.14 Million in Ransomware Attack

SecureWorld News

JULY 1, 2020

Just as though it was trying to curb the spread of a disease like COVID-19, the university moved quickly to control the malware's reach: "We quarantined several IT systems within the School of Medicine as a safety measure, and we successfully isolated the incident from the core UCSF network.

Ransomware

Ransomware Encryption Malware Hacking

How to evolve your organization into a data-centric security architecture

CyberSecurity Insiders

DECEMBER 21, 2021

Whether you are starting from scratch or already have safety measures in place, it is paramount to make data protection a priority. If you are starting out fresh, the following are measures to build with. Some teams choose to use tags, so they are able to rapidly search for items. Implementing data-centric security.

Architecture

Architecture Encryption Authentication Data breaches

7 Step Data Loss Prevention Checklist for 2021

CyberSecurity Insiders

FEBRUARY 9, 2021

It should cover both structured and unstructured data, tagging it based on its level of sensitivity and making it easier to find, track, and safeguard. Applying persistent classification tags to data is essential and allows your organizations to track their use. Identify & assess compliance obligations.

Unstructured Data

Unstructured Data Risk Education Marketing

Attackers are attempting to exploit recently patched Atlassian Confluence CVE-2021-26084 RCE

Security Affairs

SEPTEMBER 2, 2021

Query our API for "tags=CVE-2021-26084" for full payload and source IPs. The users of the affected products are recommended to take measures such as upgrading to the latest version or apply workaround as soon as possible.” threatintel — Bad Packets (@bad_packets) September 1, 2021.

Authentication

Authentication Internet Internet Hacking

Developing an incident response playbook

SecureList

MARCH 23, 2023

Next, we want to investigate what is going on within the incident (whether the adversary persists using scheduled tasks or startup scripts) and execute containment measures to mitigate risks and reduce the damage caused by the attack. If the incident data and rule/policy logic mismatch, the incident may be tagged as a false positive.

Accountability

Accountability Risk DDOS Malware

Hackers claim to have compromised 50,000 home cameras and posted footage online

Security Affairs

OCTOBER 19, 2020

“Clips from the hacked footage have been uploaded on pornographic sites recently, with several explicitly tagged as being from Singapore.” The news is not surprising, unfortunately in many cases IoT devices, including IP cameras, are deployed without proper security measures. ” reported The New Paper.”

IoT

IoT Internet Internet Hacking

Information stealer compromises legitimate sites to attack other sites

Malwarebytes

JUNE 5, 2023

Since the code is executed on the client's side, the malicious behavior is hard to detect by the website’s owner since it will not be picked up by web application firewalls (WAFs) and other measures to keep the server safe. This campaign is different since it relies on legitimate but compromised sites to make the traffic look genuine.

Firewall

Firewall Ransomware Risk

4 ways ransomware can cost your business (in addition to extortion)

Webroot

JULY 8, 2021

These are some of those affects inflating the price tag of an attack, which we call The Hidden Costs of Ransomware. We attempted to quantify these lost hours based on hours spent on remediation (easily measurable) and the opportunity costs from diverting resources from IT teams’ “blue sky” responsibilities (tougher to measure).

Ransomware

Ransomware Energy and Utilities Surveillance Insurance

US CISA warns of attacks exploiting CVE-2020-5902 flaw in F5 BIG-IP

Security Affairs

JULY 25, 2020

The alert includes additional mitigations and detection measures to determine if a system may have been compromised and include info recover after attacks that exploited the vulnerability. Query our API for "tags=CVE-2020-5902" for a full list of unique payloads and relevant indicators.

Advertising

Advertising Government Healthcare Education

Security Affairs newsletter Round 431 by Pierluigi Paganini – International edition

Security Affairs

AUGUST 6, 2023

Hunts Chinese Malware That Could Disrupt American Military Operations Iranian cloud company accused of hosting cybercriminals, nation-state hackers Norwegian Entities Targeted in Ongoing Attacks Exploiting Ivanti EPMM Vulnerability BlueCharlie, Previously Tracked as TAG-53, Continues to Deploy New Infrastructure in 2023 Cybersecurity How A Company (..)

Malware

Malware Cybercrime Cryptocurrency Social Engineering

Microsoft Breach?—?How Can I See This In BloodHound?

Security Boulevard

FEBRUARY 2, 2024

Validate Your Critical Assets Your critical assets (Tier Zero / High Value Assets) in BloodHound are automatically tagged to identify objects with full control of your Entra ID tenant. The first place to validate that no foreign objects maintain significant control of your environment is here.

Risk

Risk Cybersecurity

Eclypsium Awarded AFWERX SBIR Phase One Contract to Explore Air Force Use of Enterprise Device Security Platform

CyberSecurity Insiders

MAY 7, 2021

As adversaries continue to expand their capabilities into the many devices in our infrastructure, the DoD must deploy the most advanced cyber defense measures available. The Eclypsium platform can be deployed in the cloud or on-premise in minutes, utilizing an organization’s existing staff and resources.

Firmware

Firmware Small Business Threat Detection Technology

CWE-611

Security Boulevard

SEPTEMBER 15, 2021

XML is used to store and transport data using a tree-like structure of tags and data. The key protective measure is to sanitize or escape all user input used in XML, though escaping or blocking key XML metacharacters is also protective. How XML-related vulnerabilities occur.

Architecture

Architecture Software Cybersecurity

Some quick notes on SDR

Errata Security

JULY 5, 2021

We are surrounded by devices giving off packets here: our phones, our watches, "tags" attached to devices, televisions, remote controls, speakers, computers, and so on. The width is measured in frequency, 20 MHz wide. I was able to capture the screen at the moment some packets were sent, showing signal at this point.

Mobile

Mobile Internet Internet Government

Visa warns of new sophisticated credit card skimmer dubbed Baka

Security Affairs

SEPTEMBER 6, 2020

The Baka loader works by dynamically adding a script tag to the current page that loads a remote JavaScript file. The alert includes Indicators of Compromise and the following list of best practices and mitigation measures: • Institute recurring checks in eCommerce environments for communications with the C2s.

eCommerce

eCommerce Malware Encryption Advertising

CakePHP Application Cybersecurity Research – Protect Your Website from Stored XSS Attacks: Understanding and Preventing Vulnerabilities in Open-source Applications

Zigrin Security

JUNE 7, 2023

Case 3 – Event graph view MISP allows some users to create new tags that can be later on used in events and attributes. Remediations Summary It’s important to keep in mind that preventing stored XSS vulnerabilities requires a multi-layered approach, involving a combination of technical and procedural measures.

Cybersecurity

Cybersecurity Penetration Testing Passwords Encryption

HUMAN Orchestrates Unprecedented Private Takedown, VASTFLUX

CyberSecurity Insiders

JANUARY 19, 2023

HUMAN worked closely with its partners in the Human Collective to get additional insight into traffic volumes and verification tags they were using on their ads. Within a two-week period, HUMAN’s Satori Team deployed three distinct mitigation measures to protect customers from VASTFLUX, followed by the private takedown.

Advertising

Advertising Cybercrime CISO Education

Extending Zero Trust Security to Industrial Networks

Cisco Security

JUNE 28, 2021

While this is still the mandatory first step to protect operations, embracing the digital industry revolution requires additional security measures, assuming that no user, application, or connected device are trustworthy anymore. Yet, most industrial organizations still operate without an up-to-date asset inventory. Endpoint compliance.

IoT

IoT Architecture Marketing Threat Detection

Cost-Effective Steps the Healthcare Industry Can Take To Mitigate Damaging Ransomware Attacks

CyberSecurity Insiders

OCTOBER 25, 2022

According to a recent IBM report , breaches now come with a record-high price tag of $10.1 For many of these hospitals and rural clinics, insufficient security measures dramatically escalate the risk of an attack. million on average, leaving behind potentially disruptive damage as the industry struggles to mitigate associated costs.

Healthcare

Healthcare Ransomware Social Engineering Identity Theft

Ask a Security Professional: DDoS Attacks — Part Two: Application Layer Attacks

SiteLock

AUGUST 27, 2021

When preparing to launch a targeted attack, the experienced adversary will take into account the defensive measures the target has, the software being used by the target, and the resources available to the adversary to execute the attack, such as botnet capacity. Message @SiteLock and use the #AskSecPro tag!

DDOS

DDOS Firewall Accountability DNS

Researchers analyzed the PREDATOR spyware and its loader Alien

Security Affairs

MAY 29, 2023

” In May 2022, Google’s Threat Analysis Group (TAG) researchers discovered three campaigns, between August and October 2021, targeting Android users with five zero-day vulnerabilities. ” The researchers reported that the implant runs a variety of processes to bypass security measured supported by Android OS.

Spyware

Spyware Surveillance Media Malware

Weekly Vulnerability Recap – October 9, 2023 – Zero-Days Strike Android, Microsoft, Apple, Cisco & More

eSecurity Planet

OCTOBER 9, 2023

The sheer number of security issues underscores the need for strong patch and vulnerability management — and for cyber resilience that goes deeper than common preventive measures. And Linux distributions and the TorchServe AI tool were confronted with major security flaws too.

Architecture

Architecture Ransomware Software Accountability

How Do You Quantify Risk? Best Techniques

Centraleyes

FEBRUARY 13, 2024

What happens when several risks carry the same “medium” tag, leaving decision-makers pondering where to focus their attention and allocate precious resources? There were ten in the bed And the little one said, “Roll over! Roll over!” So they all rolled over, and one fell out.

Risk

Risk Cyber Risk Cybersecurity Penetration Testing

Thieves Using AirTags to “Follow” Cars

Burger King forgets to put a password on their systems, again

Trending Sources

Retrofitting Temporal Memory Safety on C++

Arm, Qualcomm Patch Multiple Zero-Days Reported by Google

RFID: Is it Secret? Is it Safe?

Indian power generation giant Tata Power hit by a cyber attack

Quebec shuts down thousands of sites as disclosure of the Log4Shell flaw

Google warned users of 33,015 nation-state attacks since January

Five Key Points When Preventing Cybersecurity Attacks in a World of Hybrid Working

News Alert: Dasera unveils new data security and governance platform for ‘Snowflake’ users

Google announces V8 Sandbox to protect Chrome users

SAP Patch Day: December 2023

Data Loss Prevention: Best Practices for Secure Data Management

ProxyNotShell Finally Gets Patched by Microsoft

ISaPWN – research on the security of ISaGRAF Runtime

[Full-Disclosure] HideezKey 2 FAIL: How a good idea turns into a SPF (Security Product Failure)

Best Practice Steps for Safe Data Sharing

What Is a Backdoor Attack?

Wireless Security: WEP, WPA, WPA2 and WPA3 Explained

Google mitigated a 2.54 Tbps DDoS attack in 2017, the largest DDoS ever seen

The Price Tag for Secure Systems is Way Too High

California University Pays $1.14 Million in Ransomware Attack

How to evolve your organization into a data-centric security architecture

7 Step Data Loss Prevention Checklist for 2021

Attackers are attempting to exploit recently patched Atlassian Confluence CVE-2021-26084 RCE

Developing an incident response playbook

Hackers claim to have compromised 50,000 home cameras and posted footage online

Information stealer compromises legitimate sites to attack other sites

4 ways ransomware can cost your business (in addition to extortion)

US CISA warns of attacks exploiting CVE-2020-5902 flaw in F5 BIG-IP

Security Affairs newsletter Round 431 by Pierluigi Paganini – International edition

Microsoft Breach?—?How Can I See This In BloodHound?

Eclypsium Awarded AFWERX SBIR Phase One Contract to Explore Air Force Use of Enterprise Device Security Platform

CWE-611

Some quick notes on SDR

Visa warns of new sophisticated credit card skimmer dubbed Baka

CakePHP Application Cybersecurity Research – Protect Your Website from Stored XSS Attacks: Understanding and Preventing Vulnerabilities in Open-source Applications

HUMAN Orchestrates Unprecedented Private Takedown, VASTFLUX

Extending Zero Trust Security to Industrial Networks

Cost-Effective Steps the Healthcare Industry Can Take To Mitigate Damaging Ransomware Attacks

Ask a Security Professional: DDoS Attacks — Part Two: Application Layer Attacks

Researchers analyzed the PREDATOR spyware and its loader Alien

Weekly Vulnerability Recap – October 9, 2023 – Zero-Days Strike Android, Microsoft, Apple, Cisco & More

How Do You Quantify Risk? Best Techniques

Stay Connected