Architecture and Information Security - Cyber Security Informer

Zero Trust Network Architecture vs Zero Trust: What Is the Difference?

Joseph Steinberg

JANUARY 4, 2023

But, even those who have a decent grasp on the meaning of Zero Trust seem to frequently confuse the term with Zero Trust Network Architecture (ZTNA). Zero Trust Network Architecture is an architecture of systems, data, and workflow that implements a Zero Trust model. In short, Zero Trust is an approach.

Architecture

Architecture Artificial Intelligence Encryption Cybersecurity

Network Security Architecture: Best Practices & Tools

eSecurity Planet

APRIL 26, 2024

Network security architecture is a strategy that provides formal processes to design robust and secure networks. Effective implementation improves data throughput, system reliability, and overall security for any organization.

Architecture

Architecture Network Security Firewall Risk

On the Cybersecurity Jobs Shortage

Schneier on Security

SEPTEMBER 20, 2023

What there is a shortage of are computer scientists, developers, engineers, and information security professionals who can code, understand technical security architecture, product security and application security specialists, analysts with threat hunting and incident response skills.

Cybersecurity

Cybersecurity CISO Engineering Architecture

Building a Ransomware Resilient Architecture

eSecurity Planet

DECEMBER 2, 2022

While security teams layer essential preventative measures, resilience measures also need to be implemented in an architecture to reduce the impact of ransomware attacks on your backups. Figure 1: Typical VLAN architecture. Figure 2: Resilient VLAN architecture. How could this have been prevented? Does this add latency?

Architecture

Architecture Ransomware Backups Firewall

ÆPIC Leak is the first CPU flaw able to architecturally disclose sensitive data

Security Affairs

AUGUST 17, 2022

Researchers uncovered a new flaw, dubbed ÆPIC, in Intel CPUs that enables attackers to obtain encryption keys and other secret information from the processors. The ÆPIC Leak ( CVE-2022-21233 ) is the first architecturally CPU bug that could lead to the disclosure of sensitive data and impacts most 10th, 11th and 12th generation Intel CPUs.

Architecture

Architecture Firmware Software Information Security

NIST’s Post-Quantum Cryptography Standards

Schneier on Security

AUGUST 8, 2022

Fun fact: Those three algorithms were broken by the Center of Encryption and Information Security, part of the Israeli Defense Force. It took a couple of decades to fully understand von Neumann computer architecture; expect the same learning curve with quantum computing. The second uncertainly is in the algorithms themselves.

Encryption

Encryption Architecture Engineering Information Security

GhostWrite: New T-Head CPU Bugs Expose Devices to Unrestricted Attacks

The Hacker News

AUGUST 13, 2024

A team of researchers from the CISPA Helmholtz Center for Information Security in Germany has disclosed an architectural bug impacting Chinese chip company T-Head's XuanTie C910 and C920 RISC-V CPUs that could allow attackers to gain unrestricted access to susceptible devices. The vulnerability has been codenamed GhostWrite.

Architecture

Architecture Information Security

ConnectWise Quietly Patches Flaw That Helps Phishers

Krebs on Security

DECEMBER 1, 2022

“Our team quickly triaged the report and determined the risk to partners to be minimal,” said Patrick Beggs , ConnectWise’s chief information security officer. ” However, LastPass maintains that its “customer passwords remain safely encrypted due to LastPass’s Zero Knowledge architecture.”

Phishing

Phishing Architecture Passwords Accountability

My Philosophy and Recommendations Around the LastPass Breaches

Daniel Miessler

DECEMBER 24, 2022

If you follow Information Security at all you are surely aware of the LastPass breach situation. These encrypted fields remain secured with 256-bit AES encryption and can only be decrypted with a unique encryption key derived from each user’s master password using our Zero Knowledge architecture.

Password Management

Password Management Passwords Encryption Backups

What Is a DMZ Network? Definition, Architecture & Benefits

eSecurity Planet

APRIL 7, 2023

These and many other network security solutions are ramped up specifically on the DMZ, making it so network administrators can often detect unusual behavior before unauthorized users try to move past the DMZ to access the LAN. Definition, Architecture & Benefits appeared first on eSecurityPlanet.

Architecture

Architecture Firewall Network Security Technology

Google Responds to Warrants for “About” Searches

Schneier on Security

OCTOBER 13, 2020

“We vigorously protect the privacy of our users while supporting the important work of law enforcement,” Google’s director of law enforcement and information security Richard Salgado told us. We have knowingly and willingly built the architecture of a police state, just so companies can show us ads.

Surveillance

Surveillance Wireless Accountability Architecture

News Alert: Silent Signal discovers a critical vulnerability in IBM i System – CVE-2023-30990

The Last Watchdog

JULY 7, 2023

This necessitates a shift in paradigm for both security professionals and vendors, as IBM i Systems have been renowned for their inherent security. IBM i users are strongly advised to prioritize regular scanning, vulnerability remediation, and patching to ensure the security of their systems.

Architecture

Architecture Hacking Media Government

NASA identified 1,785 cyber incidents in 2020

Security Affairs

MAY 27, 2021

. • NASA lacked an Agency-wide risk management framework for information security and an information security architecture. The Security Operations Center lacks visibility and authority to manage information security incident detection and remediation for the entirety of NASA’s IT infrastructure.

Information Security

Information Security Cyber Attacks Mobile Architecture

GUEST ESSAY: A primer on content management systems (CMS) — and how to secure them

The Last Watchdog

MAY 19, 2022

Design your architecture in a way where the CMS back end (the behind-the-scenes content repository) is not directly coupled to the front end (the presentation system).

Data breaches

Data breaches Encryption Mobile Technology

New NKAbuse malware abuses NKN decentralized P2P network protocol

Security Affairs

DECEMBER 15, 2023

The malicious code can target various architectures, it supports both flooder and backdoor capabilities. The primary target of NKAbuse is Linux desktops, however, it can target MISP and ARM architecture. NKN (New Kind of Network) is a decentralized peer-to-peer network protocol that relies on blockchain technology.

Malware

Malware Architecture Technology DDOS

News alert: Implementing AI-powered ‘Cisco HyperShield’ requires proper cybersecurity training

The Last Watchdog

AUGUST 16, 2024

As an “AI-native” security architecture, HyperShield promises to redefine traditional security protocols through its automated proactive cybersecurity measures and AI-driven security solutions.

Cybersecurity

Cybersecurity Architecture Technology Network Security

GUEST ESSAY: ‘CyberXchange’ presents a much-needed platform for cybersecurity purchases

The Last Watchdog

OCTOBER 19, 2020

For organizations looking to improve their security posture, this is causing confusion and vendor fatigue, especially for companies that don’t have a full time Chief Information Security Officer. The vendors are well-intentioned.

eCommerce

eCommerce Cybersecurity B2B Marketing

Pink Botnet infected over 1.6 Million Devices, it is one of the largest botnet ever seen

Security Affairs

NOVEMBER 1, 2021

The botnet leverages a robust architecture based on a combination of third-party services, P2P, and Command & Control servers. This architecture was implemented to make the botnet resilient to takedowns by law enforcement and security firms with the support of the vendors of the infected devices.

Architecture

Architecture DDOS Advertising DNS

GUEST ESSAY: In pursuit of smarter cybersecurity — to overcome complex risks and grow revenue

The Last Watchdog

JANUARY 8, 2023

The need for reset and oversight is so great that a new class of technology is emerging to give organizations a better grip on the digital sprawl that’s come to define modern-day enterprise architecture. About the essayist: Chris Reffkin is chief information security officer at cybersecurity software and services provider Fortra.

Risk

Risk Cybersecurity Technology CISO

DPRK-linked BlueNoroff used macOS malware with novel persistence

Security Affairs

NOVEMBER 7, 2024

The application bundle has the bundle identifier Education.LessonOne and contains a universal architecture (i.e., The second-state malware is a Mach-O x86-64 executable which can only run on Intel architecture Macs or Apple silicon devices with the Rosetta emulation framework installed.

Malware

Malware Risk Architecture Cryptocurrency

XCSSET malware now targets macOS 11 and M1-based Macs

Security Affairs

APRIL 19, 2021

For example, a sample with the MD5 hash sum 914e49921c19fffd7443deee6ee161a4 contains two architectures: x86_64 and ARM64.” The first one corresponds to previous-generation, Intel-based Mac computers, but the second one is compiled for ARM64 architecture, which means that it can run on computers with the new Apple M1 chip.”.

Malware

Malware Cryptocurrency Architecture Engineering

PHP addressed critical RCE flaw potentially impacting millions of servers

Security Affairs

JUNE 9, 2024

“However, since PHP CGI is an outdated and problematic architecture, it’s still recommended to evaluate the possibility of migrating to a more secure architecture such as Mod-PHP, FastCGI, or PHP-FPM.” ” concludes the advisory.

Architecture

Architecture Hacking Risk Cybersecurity

GUEST ESSAY: The case for complying with ISO 27001 — the gold standard of security frameworks

The Last Watchdog

FEBRUARY 26, 2023

At the developer level, they will fundamentally reshape how programmers do their work day in and day out – including employing more project management tools and secure system architecture frameworks to track and mitigate risks at any stage in the SDLC.

Cyber threats

Cyber threats Software Risk CISO

News Alert: Normalyze extends its DSPM platform to hybrid cloud and on-prem environments

The Last Watchdog

AUGUST 2, 2023

Padron “As our hybrid environment grew due to cloud migration and regulatory requirements, getting holistic visibility into our data stored on-premises and in the cloud is becoming a challenging task for our security and compliance teams,” said Nick Padron, Director of Information Security at Fairfield.

Cloud Migration

Cloud Migration Risk Architecture Media

Play ransomware attack on Xplain exposed 65,000 files containing data relevant to the Swiss Federal Administration.

Security Affairs

MARCH 8, 2024

Government experts discovered sensitive information, including personal data, technical information, classified details, and passwords, in approximately half of the Federal Administration’s files (5,182). ” continues the report.

Ransomware

Ransomware Data breaches Unstructured Data Architecture

Experts warn of China-linked APT’s Raptor Train IoT Botnet

Security Affairs

SEPTEMBER 18, 2024

“The investigation has yielded insights into the botnet’s network architecture, exploitation campaigns, malware components, and operational use, illuminating the evolving tactics and techniques employed by the threat actors. “This botnet has targeted entities in the U.S. ” concludes the report.

IoT

IoT Wireless DDOS Architecture

Google fixed a critical vulnerability in Chrome browser

Security Affairs

OCTOBER 30, 2024

Google has patched a critical Chrome vulnerability, tracked as CVE-2024-10487, reported by Apple Security Engineering and Architecture (SEAR) on October 23, 2024. Google addressed a critical vulnerability in its Chrome browser, tracked as CVE-2024-10487, which was reported by Apple.

Engineering

Engineering Architecture Hacking Information Security

New HEH botnet wipes devices potentially bricking them

Security Affairs

OCTOBER 7, 2020

Researchers from from Netlab, the network security division of Chinese tech giant Qihoo 360, have discovered a new botnet, tracked as HEH, that contains the code to wipe all data from infected systems, such as routers, IoT devices, and servers. In the current version, each node cannot send control command to its peers.

Architecture

Architecture IoT Malware Advertising

Will iPhone’s New “Lockdown Mode” Create Dangerous Overconfidence In Apple’s CyberSecurity Capabilities?

Joseph Steinberg

JULY 13, 2022

the firm’s Head of Security Engineering and Architecture, is quoted as saying that Apple “makes the most secure mobile devices on the market.”. Also concerning is the fact that in Apple’s Lockdown announcement, Ivan Krsti?, Is that really true?

Cybersecurity

Cybersecurity Artificial Intelligence Government Social Engineering

New variant of Necro Trojan infected more than 11 million devices

Security Affairs

SEPTEMBER 25, 2024

The analysis of Happy SDK likely revealed a different variant of Necro that doesn’t have a modular architecture. Between August 26th and September 15th, security solutions blocked over 10,000 Necro attacks globally, with most of the infections in Russia, Brazil, and Vietnam. ” concludes the report.

Architecture

Architecture Malware Mobile Advertising

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 14

Security Affairs

OCTOBER 6, 2024

Rhadamanthys Stealer Adds Innovative AI Feature in Version 0.7.0

Malware

Malware Architecture Cryptocurrency Cyber Attacks

New modular ModPipe POS Malware targets restaurants and hospitality sectors

Security Affairs

NOVEMBER 12, 2020

The modular architecture of ModPipe consists of the basic components and downloadable modules: initial dropper that contains binaries (both 32-bit and 64-bit) of the next stage persistent loader and installs the appropriate version to the compromised machine. ” continues the analysis.

Malware

Malware Architecture Passwords Software

Large-scale extortion campaign targets publicly accessible environment variable files (.env)

Security Affairs

AUGUST 18, 2024

This extortion campaign involved several security failures, including exposing environment variables, using long-lived credentials, and the lack of a least privilege architecture. This indicates that these threat actor groups are both skilled and knowledgeable in advanced cloud architectural processes and techniques.”

Architecture

Architecture Internet Internet Media

Go-based Chaos malware is rapidly growing targeting Windows, Linux and more

Security Affairs

SEPTEMBER 29, 2022

Researchers from Black Lotus Labs at Lumen Technologies, recently uncovered a multifunctional Go-based malware that was developed to target devices based on multiple architectures, including Windows and Linux. A new multifunctional Go-based malware dubbed Chaos is targeting both Windows and Linux systems, experts warn.

Malware

Malware DDOS Architecture Financial Services

Cisco SD-WAN flaw could lead to arbitrary code execution, patch it now!

Security Affairs

OCTOBER 23, 2021

Cisco SD-WAN is a cloud-delivered overlay WAN architecture that enables digital and cloud transformation at enterprises, it allows to connect disparate office locations via the cloud. An authenticated, local attacker can exploit the CVE-2021-1529 vulnerability to execute arbitrary commands with root privileges.

Architecture

Architecture Authentication Hacking Software

LastPass data breach: threat actors stole a portion of source code

Security Affairs

AUGUST 25, 2022

We utilize an industry standard Zero Knowledge architecture that ensures LastPass can never know or gain access to our customers’ Master Password. The company engaged a leading cybersecurity and forensics firm to investigate the incident, it confirmed that the data breach did not compromise users’ Master Passwords.

Data breaches

Data breaches Password Management Passwords Architecture

New P2PInfect bot targets routers and IoT devices

Security Affairs

DECEMBER 4, 2023

Researchers at Cado Security Labs discovered a new variant of the P2Pinfect botnet that targets routers, IoT devices, and other embedded devices. This variant has been compiled for the Microprocessor without Interlocked Pipelined Stages (MIPS) architecture. ” The new bot targets devices embedded with 32-bit MIPS processor.

IoT

IoT Architecture Malware Hacking

Enemybot, a new DDoS botnet appears in the threat landscape

Security Affairs

APRIL 17, 2022

The botnet targets multiple architectures, including arm, bsd, x64, and x86. Then the script downloads the actual Enemybot binary which is compiled for the target device’s architecture. The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion.

DDOS

DDOS Architecture Malware Cybercrime

Top 10 web application vulnerabilities in 2021–2023

SecureList

MARCH 12, 2024

More than a third (39%) used the microservice architecture. Recommendations provided in these rankings are general in nature and based on information security best practices standards and guidelines, such as OWASP and NIST. Most of the web applications were owned by companies based in Russia, China and the Middle East.

Passwords

Passwords Authentication Architecture Risk

Lastpass discloses the second security breach this year

Security Affairs

NOVEMBER 30, 2022

Our customers’ passwords remain safely encrypted due to LastPass’s Zero Knowledge architecture.” ” reads the notice of security incident published by the company. The company pointed out that customers’ passwords were not compromised due to LastPass’s Zero Knowledge architecture. .

Architecture

Architecture Passwords Data breaches Password Management

Mozilla fixed a critical zero-day in Firefox and Thunderbird

Security Affairs

SEPTEMBER 13, 2023

The vulnerability was reported by Apple Security Engineering and Architecture (SEAR) and The Citizen Lab at The University of Toronto’s Munk School. . “Opening a malicious WebP image could lead to a heap buffer overflow in the content process. We are aware of this issue being exploited in other products in the wild.”

Spyware

Spyware Architecture Engineering Hacking

Cybersecurity: CASB vs SASE

Security Affairs

AUGUST 20, 2023

Secure Access Service Edge (SASE) emerges as a response to these changes, providing a holistic approach to networking and security in a cloud-native environment. SASE is an architectural framework that merges wide-area networking (WAN) capabilities with security functions, all delivered as a cloud-based service.

Cybersecurity

Cybersecurity Architecture Authentication Cyber threats

IDAT Loader used to infect a Ukraine entity in Finland with Remcos RAT

Security Affairs

FEBRUARY 27, 2024

The modular architecture of the IDAT loader allows it to easily add new features. Researchers from cybersecurity firm Uptcycs observed a Remcos RAT campaign using phishing emails claiming to be from an Israel Defense Forces consultant.

Malware

Malware Architecture Phishing Hacking

Dark Mirai botnet spreads targeting RCE on TP-Link routers

Security Affairs

DECEMBER 9, 2021

Like the Mirai botnet, Dark Mirai determines the victim’s architecture to fetch and download the matching payload. Below are the two requests sent to the devices to compromise them: The researchers pointed out that successful exploitation requires authentication of the routers.

Firmware

Firmware Architecture Malware Hacking

Zero Trust Network Architecture vs Zero Trust: What Is the Difference?

Network Security Architecture: Best Practices & Tools

Trending Sources

On the Cybersecurity Jobs Shortage

Building a Ransomware Resilient Architecture

ÆPIC Leak is the first CPU flaw able to architecturally disclose sensitive data

NIST’s Post-Quantum Cryptography Standards

GhostWrite: New T-Head CPU Bugs Expose Devices to Unrestricted Attacks

ConnectWise Quietly Patches Flaw That Helps Phishers

My Philosophy and Recommendations Around the LastPass Breaches

What Is a DMZ Network? Definition, Architecture & Benefits

Google Responds to Warrants for “About” Searches

News Alert: Silent Signal discovers a critical vulnerability in IBM i System – CVE-2023-30990

NASA identified 1,785 cyber incidents in 2020

GUEST ESSAY: A primer on content management systems (CMS) — and how to secure them

New NKAbuse malware abuses NKN decentralized P2P network protocol

News alert: Implementing AI-powered ‘Cisco HyperShield’ requires proper cybersecurity training

GUEST ESSAY: ‘CyberXchange’ presents a much-needed platform for cybersecurity purchases

Pink Botnet infected over 1.6 Million Devices, it is one of the largest botnet ever seen

GUEST ESSAY: In pursuit of smarter cybersecurity — to overcome complex risks and grow revenue

DPRK-linked BlueNoroff used macOS malware with novel persistence

XCSSET malware now targets macOS 11 and M1-based Macs

PHP addressed critical RCE flaw potentially impacting millions of servers

GUEST ESSAY: The case for complying with ISO 27001 — the gold standard of security frameworks

News Alert: Normalyze extends its DSPM platform to hybrid cloud and on-prem environments

Play ransomware attack on Xplain exposed 65,000 files containing data relevant to the Swiss Federal Administration.

Experts warn of China-linked APT’s Raptor Train IoT Botnet

Google fixed a critical vulnerability in Chrome browser

New HEH botnet wipes devices potentially bricking them

Will iPhone’s New “Lockdown Mode” Create Dangerous Overconfidence In Apple’s CyberSecurity Capabilities?

New variant of Necro Trojan infected more than 11 million devices

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 14

New modular ModPipe POS Malware targets restaurants and hospitality sectors

Large-scale extortion campaign targets publicly accessible environment variable files (.env)

Go-based Chaos malware is rapidly growing targeting Windows, Linux and more

Cisco SD-WAN flaw could lead to arbitrary code execution, patch it now!

LastPass data breach: threat actors stole a portion of source code

New P2PInfect bot targets routers and IoT devices

Enemybot, a new DDoS botnet appears in the threat landscape

Top 10 web application vulnerabilities in 2021–2023

Lastpass discloses the second security breach this year

Mozilla fixed a critical zero-day in Firefox and Thunderbird

Cybersecurity: CASB vs SASE

IDAT Loader used to infect a Ukraine entity in Finland with Remcos RAT

Dark Mirai botnet spreads targeting RCE on TP-Link routers

Stay Connected