IT Security Guru

APRIL 12, 2022

There are a few notable exploited misconfigurations, from default built-in file sharing, and lack of password enforcement, albeit no password to multi-factor authentication (MFA), to the risks of legacy protocols and OAuth apps, that can bring a little clarity to understanding the complex landscape that is a company’s SaaS security posture.

CISO 113

CISO Passwords Marketing System Administration 113

SC Magazine

JULY 7, 2021

CISA assigned CVE-2020-1938 to the flaw, which stems from the use of Apache JServ (AJP). Further, the Redis server operates on a remote host but is not protected by password authentication. The vulnerability is caused when the Apache Tomcat protocol treats AJC connections as having higher trust than similar HTTP connections.

VPN 121

VPN Software System Administration Passwords 121

Security Affairs

MAY 2, 2021

Experts pointed out that ComplexCodes had been selling a “WeSupply Crypto Stealer” since May 2020., Organizations with effective spam filtering, proper system administration and up-to-date Windows hosts have a much lower risk of infection.” and WeSteal is likely simply an evolution of the WeSupply Crypto Stealer project.

Cryptocurrency 116

Cryptocurrency Malware Advertising System Administration 116

Security Affairs

MARCH 14, 2023

Makop gang did not conduct any significative retooling since 2020, which is a clear indicator of their effectiveness even after three years and hundreds of successful compromises. The gang leverages exposed remote administration services and internet-facing vulnerabilities to gain and maintain access to victim networks.

Ransomware 98

Ransomware Software System Administration Encryption 98

Malwarebytes

APRIL 21, 2021

Most of the problems discovered by Pulse Secure and Mandiant involve three vulnerabilities that were patched in 2019 and 2020. CVE-2020-8243 a vulnerability in the Pulse Connect Secure < 9.1R8.2 But there is also a very serious new issue that it says impacts a very limited number of customers. The old vulnerabilities.

VPN 84

VPN Authentication Malware System Administration 84

IT Security Guru

SEPTEMBER 7, 2022

Per a recent report from Q4 2020 to Q4 2021 , the average number of APIs per company increased by 221% in 12 months and that API attack traffic grew by 681% while overall API traffic grew by 321%. password guessing). Microservices Architecture has Created a Security Blind Spot. API Security Tools.

DDOS 131

DDOS Authentication Architecture Social Engineering 131

eSecurity Planet

JULY 6, 2021

After a series of highly publicized ransomware attacks this spring, the Kaseya attack most resembles the compromise of SolarWinds in late 2020. Kaseya’s flagship product is a remote monitoring and management (RMM) solution called the Virtual Systems Administrator (VSA) and is the product at the center of the current attack.

Ransomware 122

Ransomware Software B2B System Administration 122

eSecurity Planet

MARCH 25, 2022

Remote desktop software’s sensitive influence over other devices means identity and access management (IAM), password security , and multi-factor authentication are critical for risk management. Like in the case of SolarWinds in 2020, masked threat actors aren’t afraid to linger for months during reconnaissance.

VPN 120

VPN Software Authentication Encryption 120

eSecurity Planet

FEBRUARY 15, 2022

The agencies offered some sound cybersecurity advice for BlackByte that applies pretty generally: Conduct regular backups and store them as air-gapped, password-protected copies offline. BlackByte Ransomware Protection Steps. Federal organizations will only have until February 24, 2022 to patch this vulnerability. How to Use the CISA Catalog.

Ransomware 128

Ransomware Encryption Backups Accountability 128

CyberSecurity Insiders

SEPTEMBER 21, 2021

Authentication and password management. Passwords are one of the least safe user authentication methods, yet they are also frequently used for web applications for safeguarding online data. OWASP recommends the following methods: Implement monitoring to identify attacks against multiple user accounts, utilizing the same password.

Authentication 79

Authentication Passwords Software Accountability 79

SecureList

OCTOBER 12, 2023

The group started its activities in December 2020 and has been responsible for multiple sets of attacks against high-profile entities in Europe and Asia. ToddyCat is an advanced APT actor that we described in a previous publication last year.

Encryption 141

Encryption Passwords Malware Firewall 141

eSecurity Planet

SEPTEMBER 10, 2021

The fourth biggest threat to public cloud security identified in CloudPassage’s report is unauthorized access (and growing – 53 percent, up from 42 percent in 2020). Logging helps system administrators keep track of which users are making changes to the environment—something that would be nearly impossible to do manually.

Penetration Testing 132

Penetration Testing Encryption Risk Technology 132

Security Boulevard

DECEMBER 2, 2022

Also, remember how users can use keys rather than a password to login? So, imagine Susan is a system admin and she has access to several servers. She used SSH keygen to generate keys and she now can login to the systems via Secure Shell. These algorithms change and as they age, they become more vulnerable.

Risk 64

Risk Passwords Authentication Accountability 64

Security Boulevard

SEPTEMBER 24, 2021

The auditors claim account passwords must “be changed every 90 days”. If CISA still has it in their recommendations for election systems, then CISA is wrong. In practice, system administrators aren’t available (again, it’s an airgapped system, so no remote administration). This is absurd.

Software 110

Software Computers and Electronics Accountability Firewall 110

Errata Security

SEPTEMBER 24, 2021

The auditors claim account passwords must “be changed every 90 days”. If CISA still has it in their recommendations for election systems, then CISA is wrong. In practice, system administrators aren’t available (again, it’s an airgapped system, so no remote administration). This is absurd.

Software 109

Software Computers and Electronics Accountability Firewall 109

NopSec

MARCH 16, 2020

Once you understand which systems form your telework attack surface ask yourself which vulnerabilities and misconfigurations they have. First of all, ask yourself whether all your remote working systems and related directory services they are tapping into have adequate password length policy, password expiration,and username randomization.

VPN 40

VPN Accountability Risk System Administration 40

Security Boulevard

JUNE 20, 2022

On December 15, 2020, Microsoft published their new revised version of Securing Privileged Access on Microsoft docs, including the Enterprise Access Model, which encompasses both on-prem, Operational Technology (OT), Azure, and other cloud providers. BHE can also help you with maintenance.

Accountability 52

Accountability Risk Passwords Authentication 52

Digital Shadows

AUGUST 17, 2021

Going back a bit, it was also the top attack vector in 2020, 2019, 2018, 2017, 2016, and well, hopefully, you get the picture. It could be a system administrator who has access to sensitive defense information and recently just met an attractive fitness influencer on social media (hello, Iran !). Why should I care about Phish?

Phishing 52

Phishing Accountability Social Engineering Mobile 52

eSecurity Planet

DECEMBER 3, 2021

Normally account take overs are due to insecure passwords or recovery options, this is definitely something different. — Dave Kennedy (@HackingDave) July 15, 2020. link] pic.twitter.com/cVIyB44o6q — Eugene Kaspersky (@e_kaspersky) June 22, 2020. — Parisa Tabriz (@laparisa) January 26, 2020. Ingenious!

Accountability 139

Accountability Cybersecurity Penetration Testing InfoSec 139

Security Affairs

AUGUST 4, 2020

NSCS @cse_cst @CISAgov @FBI [link] — @U.S.CyberCommand (@US_CYBERCOM) August 3, 2020. The CISA agency provides recommendations for system administrators and owners to enhance the level of security of their organizations: Maintain up-to-date antivirus signatures and engines. Keep operating system patches up-to-date.

Malware 140

Malware Government Passwords Advertising 140

Malwarebytes

AUGUST 18, 2021

At the WWDC 2020, Apple made a big deal of several new macOS and iOS features that were, in fact, big deals. The Apple video Explore the new system architecture of Apple silicon Macs from session 10686 of the WWDC 2020 has a good overview of most of the new security features, and more.).

Firmware 145

Firmware Architecture Risk Engineering 145