Schneier on Security

DECEMBER 31, 2020

In what is surely an unthinking cut-and-paste issue, page 921 of the Brexit deal mandates the use of SHA-1 and 1024-bit RSA: The open standard s/MIME as extension to de facto e-mail standard SMTP will be deployed to encrypt messages containing DNA profile information. The protocol s/MIME (V3) allows signed receipts, security labels, and secure mailing lists… The underlying certificate used by s/MIME mechanism has to be in compliance with X.509 standard… The processing rules for s/MIM

Encryption 363

Encryption Software 363

Krebs on Security

DECEMBER 18, 2020

U.S. government cybersecurity agencies warned this week that the attackers behind the widespread hacking spree stemming from the compromise at network software firm SolarWinds used weaknesses in other, non-SolarWinds products to attack high-value targets. According to sources, among those was a flaw in software virtualization platform VMware , which the U.S.

Software 363

Software Authentication Hacking Government 363

Troy Hunt

DECEMBER 19, 2020

I'm live again! Well, I was live having found enough connectivity in Port Douglas to go back to streaming. I'll still be here next week too and will plan on doing a Christmas morning stream from the same location. I talk a bunch about the trip and what I'm seeing in Aus in the latter part of this video, it's a truly amazing place I'm only just getting to really see extensively now.

Password Management 336

Password Management Healthcare Passwords Government 336

Adam Levin

DECEMBER 30, 2020

Hackers are using internet-connected home devices to livestream “swatting” attacks, according to the FBI. Swatting is a dangerous prank where emergency services are called to respond to a life threatening situation that requires immediate intervention by police and/or S.W.A.T. teams. In a public service announcement issued December 29, the FBI warned that “offenders have been using stolen e-mail passwords to access smart devices with cameras and voice capabilities and carry out swatting attacks.

IoT 300

IoT Hacking Internet Internet 300

Advertisement

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Cybersecurity

Daniel Miessler

DECEMBER 3, 2020

The Lawfare Podcast is one of my few staples, and I just listened to another great episode on espionage against US buisnesses. My main takeaway was this: Foreign governments—and especially China—are pivoting from targeting other governments for their secrets, to instead going after private companies because that’s where most of the intellectual property is.

Government 251

Government Information Security 251

Anton on Security

DECEMBER 22, 2020

New Paper: “Future of the SOC: SOC People?—?Skills, Not Tiers” Back in August , we released our first Google/Chronicle?—?Deloitte Security Operations Center (SOC) paper titled “Future of the SOC: Forces shaping modern security operations” ( launch blog , paper PDF ) and promised a series of three more papers covering SOC people, process and technology.

Technology 246

Technology 246

Krebs on Security

DECEMBER 16, 2020

A key malicious domain name used to control potentially thousands of computer systems compromised via the months-long breach at network monitoring software vendor SolarWinds was commandeered by security experts and used as a “killswitch” designed to turn the sprawling cybercrime operation against itself, KrebsOnSecurity has learned. Austin, Texas-based SolarWinds disclosed this week that a compromise of its software update servers earlier this year may have resulted in malicious code

Hacking 362

Hacking Malware Software Cybercrime 362

Troy Hunt

DECEMBER 11, 2020

Well this is different; a weekly update bereft of neon studio lighting and instead done from the great outdoors, complete with all sorts of animal noises and a (probably) drunk green tree frog. I picked one of my favourite travelling companions to join me this week, a little guy I last did one of these with in a very different environment back in Oslo earlier this year.

Data breaches 317

Data breaches Passwords Accountability 317

Adam Levin

DECEMBER 23, 2020

Law enforcement agencies from the United States and Europe seized domain names and servers belonging to a virtual private network (VPN) provider long linked to online cybercrime. In a press release issued December 22, U.S. Attorney Matthew Schneider announced the action, called “Operation Nova,” which disrupted the activities of a so-called “bulletproof hosting service” in coordination with Europol and law enforcement agencies from Germany, France, Switzerland, and the Netherlands.

VPN 260

VPN Cybercrime Phishing Ransomware 260

Daniel Miessler

DECEMBER 9, 2020

I am often asked for my thoughts on the Bug Bounty / RECON / Asset Inventory / Attack Surface Management spaces. This is partially because I founded a company, called HELIOS, back in 2016, which I separated from at the end of 2018. And although I am no longer actively involved in the space I still follow it from a distance. Here’s how I understand the space and where it’s going.

Marketing 250

Marketing Internet Internet Information Security 250

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Joseph Steinberg

DECEMBER 14, 2020

The U.S. government instructed all of its civilian agencies to immediately shut off various popular network and system management products being exploited as part of an ongoing cyberattack. Russian government hackers are believed to have poisoned with malware updates of the SolarWinds Orion products used in many government agencies and in over 80% of the Fortune 500, introducing vulnerabilities that the hackers then exploited to conduct espionage and to pilfer extremely sensitive materials.

Government 246

Government Cybersecurity Software Engineering 246

Schneier on Security

DECEMBER 18, 2020

The NSA has published an advisory outlining how “malicious cyber actors” are “are manipulating trust in federated authentication environments to access protected data in the cloud.” This is related to the SolarWinds hack I have previously written about , and represents one of the techniques the SVR is using once it has gained access to target networks.

Authentication 363

Authentication Hacking Accountability Cybersecurity 363

Krebs on Security

DECEMBER 10, 2020

Payment card processing giant TSYS suffered a ransomware attack earlier this month. Since then reams of data stolen from the company have been posted online, with the attackers promising to publish more in the coming days. But the company says the malware did not jeopardize card data, and that the incident was limited to administrative areas of its business.

Ransomware 357

Ransomware Financial Services Cyber threats Banking 357

Troy Hunt

DECEMBER 4, 2020

It's a lighter weekly update this week, kinda feels like I'm still recovering from last week's epic IoT series TBH. It's also the last update from home before I go on my first decent trip since the whole pandemic thing started and as such, the next five updates will all come from other locations, some of them rather, uh, "remote". But there's still an hour of content today including the fact that it's HIBP's birthday ??

Password Management 257

Password Management IoT Passwords 257

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Adam Levin

DECEMBER 16, 2020

If 2020 taught us anything, it’s to expect the unexpected–and do the best we can in a rapidly changing world. That’s always the case when it comes to cybersecurity. Here are 12 New Year Resolutions for a safer and more secure digital you in 2021: Think before you click that email link: 2020 was a record-breaking year for ransomware, malware, and phishing , and many, if not most of these attacks were launched with the click on a link in an email.

VPN 245

VPN Antivirus Passwords Backups 245

Tech Republic Security

DECEMBER 31, 2020

Cybercriminals do what they do for money, so why not make it unworthy of their time to attack your small or medium business?

Cybersecurity 218

Cybersecurity 218

Joseph Steinberg

DECEMBER 1, 2020

Social media users’ delight at receiving notification that their accounts have qualified for Verification (that is, receiving the often-coveted “blue check mark” that appears on the social media profiles of public figures) has become the latest target of criminal exploitation. Cybercrooks intent on stealing people’s identities (or worse) have begun sending well-crafted messages that both impersonate various major social-media providers, as well as mimic the instructions that such media platforms

Media 246

Media Accountability Phishing Scams 246

Schneier on Security

DECEMBER 18, 2020

Gizmodo is reporting that schools in the US are buying equipment to unlock cell phones from companies like Cellebrite: Gizmodo has reviewed similar accounting documents from eight school districts, seven of which are in Texas, showing that administrators paid as much $11,582 for the controversial surveillance technology. Known as mobile device forensic tools (MDFTs), this type of tech is able to siphon text messages, photos, and application data from student’s devices.

Surveillance 363

Surveillance Mobile Accountability Technology 363

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Krebs on Security

DECEMBER 4, 2020

The U.S. Internal Revenue Service (IRS) said this week that beginning in 2021 it will allow all taxpayers to apply for an identity protection personal identification number (IP PIN), a single-use code designed to block identity thieves from falsely claiming a tax refund in your name. Currently, IP PINs are issued only to those who fill out an ID theft affidavit, or to taxpayers who’ve experienced tax refund fraud in previous years.

Mobile 335

Mobile Authentication Accountability 335

Troy Hunt

DECEMBER 26, 2020

Well that's Christmas down for another year, and a rather different one it was for so many of us around the world. I'm pumping this post out very quickly (a couple of days after recording) whilst midway along a very long drive. I'll share more about that on my New Year's Day broadcast so for now, here's the Christmas Day weekly update: References Ledger customers are receiving some super nasty protection emails (makes me think of the mob charging business to make sure "nothing happens to them.

Password Management 236

Password Management Passwords 236

The Last Watchdog

DECEMBER 13, 2020

One legacy of the ongoing global pandemic is that companies now realize that a secured and well-supported remote workforce is possible. Recently, the University of Illinois and the Harvard Business School conducted a study, and 16% of companies reported switching their employees to work at home from offices at least twice a week. Related: SASE translates into secure connectivity.

IoT 214

IoT B2C B2B VPN 214

Tech Republic Security

DECEMBER 30, 2020

Collaboration between organizations and even countries might be the only way to have a positive impact on cybercrime, according to one expert.

Cybercrime 218

Cybercrime Cybersecurity 218

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Joseph Steinberg

DECEMBER 14, 2020

A former Cisco engineer was sentenced this past Wednesday (December 9, 2020) to 24 months in prison (and a $15,000 fine) for accessing Cisco’s network, and subsequently causing a service outage of Cisco’s WebEx Teams video conferencing service. Sudhish Kasaba Ramesh, who worked in California for Cisco from July 2016 to April 2018, pled guilty in August to charges emanating from his alleged accessing of Cisco’s network in September of 2018 (5 months after he left Cisco), and his subsequent

Engineering 242

Engineering Hacking Accountability Scams 242

Schneier on Security

DECEMBER 10, 2020

The Finnish psychotherapy clinic Vastaamo was the victim of a data breach and theft. The criminals tried extorting money from the clinic. When that failed, they started extorting money from the patients : Neither the company nor Finnish investigators have released many details about the nature of the breach, but reports say the attackers initially sought a payment of about 450,000 euros to protect about 40,000 patient records.

Data breaches 363

Data breaches Healthcare Cybercrime Cybersecurity 363

Krebs on Security

DECEMBER 2, 2020

For at least the third time in its existence, OGUsers — a forum overrun with people looking to buy, sell and trade access to compromised social media accounts — has been hacked. An offer by the apparent hackers of OGUsers, offering to remove account information from the eventual database leak in exchange for payment. Roughly a week ago, the OGUsers homepage was defaced with a message stating the forum’s user database had been compromised.

Accountability 334

Accountability Hacking Scams Media 334

Adam Levin

DECEMBER 9, 2020

FireEye is a global leader in cybersecurity. The company disclosed this week that a data breach had occurred, announcing that “a highly sophisticated threat actor” compromised their systems and stole tools the company used to simulate cyberattacks and data breaches. . Here’s what you need to know: The threat actors responsible have yet to be identified.

Data breaches 190

Data breaches Hacking Government Software 190

Advertisement

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Healthcare

The Last Watchdog

DECEMBER 8, 2020

Company networks have evolved rather spectacularly in just 20 years along a couple of distinct tracks: connectivity and security. We began the new millennium with on-premises data centers supporting servers and desktops that a technician in sneakers could service. Connectivity was relatively uncomplicated.

Firewall 213

Firewall Digital transformation Internet Internet 213

Tech Republic Security

DECEMBER 29, 2020

AI and machine learning have the potential to take a bite out of cybercrime, but let's not forget the human factor.

Cybercrime 218

Cybercrime Cybersecurity 218

Adam Shostack

DECEMBER 27, 2020

It’s easy to forget that the Lunar Reconnaissance Orbiter has been circling the moon for nearly a dozen years. Via DIY Photography.

190

190

Schneier on Security

DECEMBER 15, 2020

This is interesting : Toward the end of the second incident that Volexity worked involving Dark Halo, the actor was observed accessing the e-mail account of a user via OWA. This was unexpected for a few reasons, not least of which was the targeted mailbox was protected by MFA. Logs from the Exchange server showed that the attacker provided username and password authentication like normal but were not challenged for a second factor through Duo.

Authentication 363

Authentication Passwords Accountability Network Security 363

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!