Schneier on Security

OCTOBER 7, 2020

A good rundown.

Engineering 361

Engineering 361

Krebs on Security

OCTOBER 9, 2020

A week ago, KrebsOnSecurity broke the news that someone was attempting to disrupt the Trickbot botnet , a malware crime machine that has infected millions of computers and is often used to spread ransomware. A new report Friday says the coordinated attack was part of an operation carried out by the U.S. military’s Cyber Command. Image: Shuttstock.

Ransomware 342

Ransomware Internet Internet Passwords 342

Troy Hunt

OCTOBER 9, 2020

It's a bit of a mega one this week running over the 1-hour mark, but there's been an awful lot happen during the last week that I reckon is of interest. There's a decidedly adult theme running across the topics not by design, but just by pure coincidence between the Grindr incident, a query I got regarding erasing one's adult website browsing history and the IoT male chastity device full of security holes and potential requiring a grinder (not Grindr!

IoT 247

IoT Government 247

Daniel Miessler

OCTOBER 4, 2020

The US is currently being ravaged by ransomware. Google News Results for US Ransomware. Our schools are being disabled, our small businesses are being pilfered, our cities are being taken offline, and now our hospitals are being attacked as well. I talk about the reasons here , but in short, we have long had a horrible state of security in our local governments, our small businesses, our schools, and our hospitals.

Ransomware 246

Ransomware Small Business Government InfoSec 246

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Schneier on Security

OCTOBER 5, 2020

Interesting usability study: “ More Than Just Good Passwords? A Study on Usability and Security Perceptions of Risk-based Authentication “: Abstract : Risk-based Authentication (RBA) is an adaptive security measure to strengthen password-based authentication. RBA monitors additional features during login, and when observed feature values differ significantly from previously seen ones, users have to provide additional authentication factors such as a verification code.

Authentication 357

Authentication Risk Passwords 357

Krebs on Security

OCTOBER 8, 2020

There’s an old adage in information security: “Every company gets penetration tested, whether or not they pay someone for the pleasure.” Many organizations that do hire professionals to test their network security posture unfortunately tend to focus on fixing vulnerabilities hackers could use to break in. But judging from the proliferation of help-wanted ads for offensive pentesters in the cybercrime underground, today’s attackers have exactly zero trouble gaining that in

Cybercrime 338

Cybercrime VPN Malware Ransomware 338

Security Affairs

OCTOBER 8, 2020

Cybersecurity researchers from Cyble have spotted a threat actor sharing leaked data of Airlink International UAE for free on two different platforms. Cybersecurity researchers from Cyble have found a threat actor sharing leaked data of Airlink International UAE for free on two platforms on the dark web. The availability of the data on the dark web could pose organizations to serious risk, threat actors could use this data to carry out multiple malicious attacks.

Advertising 145

Advertising Insurance Backups Media 145

Schneier on Security

OCTOBER 6, 2020

Previously I have written about the Swedish-owned Swiss-based cryptographic hardware company: Crypto AG. It was a CIA-owned Cold War operation for decades. Today it is called Crypto International , still based in Switzerland but owned by a Swedish company. It’s back in the news : Late last week, Swedish Foreign Minister Ann Linde said she had canceled a meeting with her Swiss counterpart Ignazio Cassis slated for this month after Switzerland placed an export ban on Crypto International , a

Cybersecurity 354

Cybersecurity 354

Krebs on Security

OCTOBER 7, 2020

September featured two stories on a phony tech investor named John Bernard , a pseudonym used by a convicted thief named John Clifton Davies who’s fleeced dozens of technology companies out of an estimated $30 million with the promise of lucrative investments. Those stories prompted a flood of tips from Davies’ victims that paint a much clearer picture of this serial con man and his cohorts, including allegations of hacking, smuggling, bank fraud and murder.

Banking 281

Banking Scams Government Advertising 281

Tech Republic Security

OCTOBER 9, 2020

Hackers accidentally allowed into company software by security noncompliant employees cost businesses millions annually; we asked experts to weigh in on best safety practices.

Software 218

Software 218

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

WIRED Threat Level

OCTOBER 6, 2020

The Checkm8 vulnerability that exposed years of iPhones to jailbreaking has finally been exploited in Macs as well.

Hacking 145

Hacking 145

Security Affairs

OCTOBER 5, 2020

Threat actors have hacked at least three Swiss universities, including the University of Basel and managed to drain employee salary transfers. Threat actors have managed to steal employee salary payments at several Swiss universities, including the University of Basel. “According to our information, several universities in Switzerland have been affected,” explained Martina Weiss, Secretary General of the Rectors’ Conference of the Swiss Universities.

Advertising 145

Advertising Phishing Cybercrime Hacking 145

CompTIA on Cybersecurity

OCTOBER 6, 2020

Interested in a career in cybersecurity? Find out more about the top nine cybersecurity job titles in the United States as told by Cyberseek, and understand what education, certifications and skills you need to start a career in cybersecurity.

Cybersecurity 143

Cybersecurity Education 143

Tech Republic Security

OCTOBER 7, 2020

Bad actors use machine learning to break passwords more quickly and build malware that knows how to hide, experts warn.

Artificial Intelligence 218

Artificial Intelligence Cybersecurity Passwords Malware 218

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

WIRED Threat Level

OCTOBER 5, 2020

The tool attacks a device’s UEFI firmware—which makes it especially hard to detect and destroy.

Spyware 145

Spyware Firmware Hacking 145

Security Affairs

OCTOBER 5, 2020

A China-linked threat actor used UEFI malware based on code from Hacking Team in attacks aimed at organizations with an interest in North Korea. Researchers from Kaspersky have spotted a UEFI malware that was involved in attacks on organizations with an interest in North Korea. The experts were investigating several suspicious UEFI firmware images when discovered four components, some of which were borrowing the source code a Hacking Team spyware.

Firmware 145

Firmware Spyware Surveillance Hacking 145

Threatpost

OCTOBER 8, 2020

Two flaws in Microsoft's cloud-based Azure App Services could have allowed server-side forgery request (SSFR) and remote code-execution attacks.

Hacking 135

Hacking 135

Tech Republic Security

OCTOBER 7, 2020

A survey of business leaders by PwC finds the pandemic is causing rapid changes in the roles CISOs play, and offers five tips for ensuring that security remains stable as we enter a new normal.

CISO 218

CISO 218

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

WIRED Threat Level

OCTOBER 5, 2020

Seven distinct factors between now and the election threaten to combine, compound, and reinforce each other in unpredictable ways.

145

145

Security Affairs

OCTOBER 5, 2020

Security researchers provided technical details about an IoT botnet dubbed Ttint that has been exploiting two zero-days in Tenda routers. Security researchers at Netlab, the network security division Qihoo 360, have published a report that details an IoT botnet dubbed Ttint. The experts are monitoring the Mirai-based botnet since November 2019 and observed it exploiting two Tenda router 0-day vulnerabilities to spread a Remote Access Trojan (RAT).

IoT 145

IoT Firmware Advertising DNS 145

Threatpost

OCTOBER 9, 2020

Immersive Labs Researcher takes advantage of lax Fitbit privacy controls to build a malicious spyware watch face.

Spyware 133

Spyware IoT Mobile Malware 133

Tech Republic Security

OCTOBER 7, 2020

The phishing page tries to obtain email credentials, Social Security numbers, driver's license numbers, and tax numbers, says Armorblox.

Phishing 218

Phishing 218

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

WIRED Threat Level

OCTOBER 3, 2020

Plus: A Grindr bug, a Joker explosion, and more of the week's top security news.

Ransomware 138

Ransomware 138

Security Affairs

OCTOBER 4, 2020

Visa revealed that two unnamed North American hospitality merchants have been infected with some strains of point-of-sale (POS) malware. US payments processor Visa revealed that two North American hospitality merchants have been hacked, threat actors infected the systems of the two unnamed organizations with some strains of point-of-sale (POS) malware.

Malware 145

Malware Advertising Accountability Hacking 145

Daniel Miessler

OCTOBER 4, 2020

I’ve been writing a lot on ransomware recently , and wanted to comment on an interesting new development in attackers’ toolchests. At first they started with: If you don’t pay, you won’t get your data back. This is the original ransomware tactic. It’s a denial of service against your data. You pay, and you (sometimes) get your data back.

DDOS 134

DDOS Ransomware Backups Encryption 134

Tech Republic Security

OCTOBER 7, 2020

Remote work will lead to more phishing attacks and threats to accounting and marketing departments, according to IT security managers.

Marketing 218

Marketing Phishing Accountability 218

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Software

WIRED Threat Level

OCTOBER 8, 2020

While it's still far more common on PCs, mobile ransomware has undergone a worrying evolution, new research shows.

Ransomware 136

Ransomware Mobile 136

Security Affairs

OCTOBER 3, 2020

University Hospital New Jersey paid a $670,000 ransom this month to prevent the leak of 240 GB of stolen data, including patient information. The University Hospital New Jersey (UHNJ) in Newark (New Jersey) has finally paid a $670,000 ransom to prevent the publishing of 240 GB of stolen data, including patient info. In September, systems at the University Hospital New Jersey (UHNJ) were encrypted with the SunCrypt ransomware , threat actors also stolen documents from the institution and leaked

Ransomware 145

Ransomware Advertising Encryption Phishing 145

Anton on Security

OCTOBER 7, 2020

While creating a recent presentation, I needed a slide on “threat detection is hard.” And it got me thinking, why is threat detection so hard for so many organizations today? We can trace the “cyber” threat detection to 1986 ( “Cuckoo’s Egg” ) and 1987 ( first IDS ) and perhaps even earlier events (like viruses of the early 1980s). This means we are “celebrating” ~35 years of cyber threat detection.

Threat Detection 130

Threat Detection Cyber threats Technology Security Awareness 130

Tech Republic Security

OCTOBER 7, 2020

Freezing your child's credit is one way to stop cybercriminals from stealing their identity. But you have to be careful to keep the key to thaw it later.

Identity Theft 217

Identity Theft Cybersecurity 217

Advertisement

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Cybersecurity