Schneier on Security

APRIL 13, 2022

A Russian cyberweapon, similar to the one used in 2016, was detected and removed before it could be used. Key points: ESET researchers collaborated with CERT-UA to analyze the attack against the Ukrainian energy company The destructive actions were scheduled for 2022-04-08 but artifacts suggest that the attack had been planned for at least two weeks The attack used ICS-capable malware and regular disk wipers for Windows, Linux and Solaris operating systems We assess with high confidence that the

Malware 331

Malware 331

Troy Hunt

APRIL 10, 2022

In my ongoing bid to make more useful information on data breaches available to impacted national governments , today I'm very happy to welcome the 32nd national CERT to Have I Been Pwned, the Republic of North Macedonia! They now join their counterparts across the globe in having free API-level access to monitor and query their government domains.

Government 325

Government Data breaches 325

Krebs on Security

APRIL 13, 2022

Microsoft on Tuesday released updates to fix roughly 120 security vulnerabilities in its Windows operating systems and other software. Two of the flaws have been publicly detailed prior to this week, and one is already seeing active exploitation, according to a report from the U.S. National Security Agency (NSA). Of particular concern this month is CVE-2022-24521 , which is a “privilege escalation” vulnerability in the Windows common log file system driver.

DNS 300

DNS Internet Internet Firewall 300

The Last Watchdog

APRIL 14, 2022

It’s no secret that cyberattacks can happen to any business, and we should all be suspicious of messages from unfamiliar senders appearing in our email inboxes. Related: Deploying human sensors. But surely, we can feel confident in email communications and requests from our organization’s executives and fellow coworkers, right? The short answer: Not always.

Phishing 247

Phishing Accountability Scams Social Engineering 247

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Schneier on Security

APRIL 12, 2022

John Oliver has an excellent segment on data brokers and surveillance capitalism.

Surveillance 306

Surveillance Data collection 306

Troy Hunt

APRIL 14, 2022

For many years now, I've lamented about how much of my time is spent attempting to disclose data breaches to impacted companies. It's by far the single most time-consuming activity in processing breaches for Have I Been Pwned (HIBP) and frankly, it's about the most thankless task I can imagine. Finding contact details is hard. Getting responses is hard.

Data breaches 315

Data breaches Scams Passwords Accountability 315

Krebs on Security

APRIL 12, 2022

The U.S. Department of Justice (DOJ) said today it seized the website and user database for RaidForums , an extremely popular English-language cybercrime forum that sold access to more than 10 billion consumer records stolen in some of the world’s largest data breaches since 2015. The DOJ also charged the alleged administrator of RaidForums — 21-year-old Diogo Santos Coelho , of Portugal — with six criminal counts, including conspiracy, access device fraud and aggravated identi

Government 243

Government Identity Theft Mobile Data breaches 243

Schneier on Security

APRIL 14, 2022

This is a current list of where and when I am scheduled to speak: I’m speaking at Future Summits in Antwerp, Belgium on May 18, 2022. I’m speaking at IT-S Now 2022 in Vienna on June 2, 2022. I’m speaking at the 14th International Conference on Cyber Conflict, CyCon 2022, in Tallinn, Estonia on June 3, 2022. I’m speaking at the RSA Conference 2022 in San Francisco, June 6-9, 2022.

237

237

Troy Hunt

APRIL 14, 2022

Bit of a long one this week, just due to a bunch of stuff all coinciding at the same time. The drone is obviously the coolest one and it was interesting to hear other people's experiences with theirs. This is just super cool tech and I can't remember the last time I looked at a consumer product and thought "wow, I didn't know they could do that!

Passwords 264

Passwords Government 264

The Last Watchdog

APRIL 11, 2022

From financial institutions to meat producers, it seems every industry has been impacted by ransomware in the past year — maybe even the past week. The world’s largest enterprises to the smallest mom-and-pop shops have been devastated by cybercriminals who are looking to hold assets hostage for a big pay day. Related: Tech solutions alone can’t stop ransomware.

Ransomware 235

Ransomware Social Engineering Passwords Engineering 235

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Tech Republic Security

APRIL 13, 2022

The new vulnerabilities are being actively exploited, prompting CISA to advise federal agencies and organizations to patch them in a timely manner. The post CISA adds 8 known security vulnerabilities as priorities to patch appeared first on TechRepublic.

212

212

Schneier on Security

APRIL 14, 2022

The Department of Energy, CISA, the FBI, and the NSA jointly issued an advisory describing a sophisticated piece of malware called Pipedream that’s designed to attack a wide range of industrial control systems. This is clearly from a government, but no attribution is given. There’s also no indication of how the malware was discovered. It seems not to have been used yet.

Malware 230

Malware Government 230

Anton on Security

APRIL 14, 2022

For many years, security practitioners imagined a security operations center (SOC) as a big room, full of expensive monitors and chairs. In these minds, rows of analysts sitting in those chairs and watching those monitors for blinking alerts made SOC, well, a SOC. This vision of the security operations center is derived from the original vision of the network operation center (NOC) that predates SOC by perhaps another decade or two.

Cloud Migration 189

Cloud Migration Digital transformation Engineering 189

The Last Watchdog

APRIL 13, 2022

Cyberattacks preceded Russia’s invasion of Ukraine, and these attacks continue today as the war unfolds. As the United States and other nations condemn Russia’s actions, the odds of Russian cyber actors targeting the U.S., allied countries, and businesses steadily increases. Related: Cyber espionage is in a Golden Age. These Russian cyber actors are government organizations and include other parties who take their orders from the Russian military or intelligence organizations – while not technic

Cybersecurity 214

Cybersecurity Cybercrime Education Government 214

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Tech Republic Security

APRIL 14, 2022

Cybersecurity is more important than ever. Safeguard data from web trawling with this WordPress plugin. The post This WordPress plugin protects the emails displayed on your website appeared first on TechRepublic.

Cybersecurity 198

Cybersecurity Software 198

Lohrman on Security

APRIL 15, 2022

What do hackers really do? How do they do it? To answer these questions, many people turn to movies to learn and be entertained. Hacker’ s Movie Guide by Steve Morgan and Connor Morgan can help explore your options.

168

168

WIRED Threat Level

APRIL 13, 2022

Ukraine claims to have doxed Russian troops and spies, while hacktivists are regularly leaking private information from Russian organizations.

145

145

Security Affairs

APRIL 12, 2022

The dark web marketplace RaidForums has been shut down and its infrastructure seized as a result of Operation TOURNIQUET. The illegal dark web marketplace RaidForums has been shut down and its infrastructure seized as a result of the international law enforcement Operation TOURNIQUET coordinated by Europol’s European Cybercrime Centre. Operation TOURNIQUET was conducted by law enforcement agencies from the United States, United Kingdom, Sweden, Portugal, and Romania.

Cybercrime 145

Cybercrime Banking Accountability Hacking 145

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Tech Republic Security

APRIL 14, 2022

A new SaaS survey finds that IT teams don’t know what software business units are using or who has access to security settings. The post Business teams increase cybersecurity risk due to poor SaaS management appeared first on TechRepublic.

Risk 195

Risk Cybersecurity Software 195

Lohrman on Security

APRIL 10, 2022

How can public-sector CISOs navigate the complicated issues surrounding budgets? Through good times and bad, these ideas can help.

Government 157

Government CISO 157

Malwarebytes

APRIL 12, 2022

Thanks to the Threat Intelligence team for their help with this article. Conti, the infamous ransomware created by a group of Russian and Eastern European cybercriminals, has again made headlines after a hacking group used its leaked source code to create another variant of the ransomware and target Russian businesses. The hacking group calls itself Network Battalion ’65 ( @xxNB65 ), and it is highly motivated by Russia’s invasion of Ukraine.

Ransomware 145

Ransomware Encryption Hacking Internet 145

Security Affairs

APRIL 13, 2022

Apache addressed a critical flaw in Apache Struts RCE that was linked to a previous issue that was not properly fixed. Apache Struts is an open-source web application framework for developing Java EE web applications. The Apache Software Foundation urges organizations to address a vulnerability, tracked as CVE-2021-31805, affecting Struts versions ranging 2.0.0 to 2.5.29.

Software 145

Software Hacking Cybersecurity Information Security 145

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Tech Republic Security

APRIL 13, 2022

A study published by NCC Group shows what businesses need to be aware of when attempting to prevent cyber attacks. The post Supply chain cyberattacks jumped 51% in 2021 appeared first on TechRepublic.

Cyber Attacks 186

Cyber Attacks 186

WIRED Threat Level

APRIL 13, 2022

The malware toolkit, known as Pipedream, is perhaps the most versatile tool ever made to target critical infrastructure like power grids and oil refineries.

Hacking 145

Hacking Malware 145

Malwarebytes

APRIL 11, 2022

A credential-stealing Windows-based malware, Spyware.FFDroider , is after social media credentials and cookies, according to researchers at ThreatLabz. The version analyzed by the researchers was packed with Aspack. The spyware is offered on download sites pretending to be installers for freeware and cracked versions of paid software. The analyzed version of Spyware.FFDroider disguises itself on victim’s machines to look like the instant messaging application “Telegram”.

Media 145

Media Malware Spyware Accountability 145

We Live Security

APRIL 12, 2022

This ICS-capable malware targets a Ukrainian energy company. The post Industroyer2: Industroyer reloaded appeared first on WeLiveSecurity.

Malware 145

Malware 145

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Software

Tech Republic Security

APRIL 14, 2022

Hackers are using a technique known as Quoted-printable to trick security defenses into thinking a malicious link is legitimate, says Avanan. The post How cybercriminals are creating malicious hyperlinks that bypass security software appeared first on TechRepublic.

Software 179

Software Security Defenses 179

Security Boulevard

APRIL 14, 2022

More than a year after the SolarWinds Sunburst attack and most companies are still exposed to software supply chain attacks. In a study conducted by Argon Security at Aqua Security, it was found that the majority of companies didn’t implement software supply chain security measures and that most organizations are still at risk. “Unfortunately, most.

Software 144

Software Risk Cybersecurity 144

Malwarebytes

APRIL 14, 2022

After having tracked stalkerware for years, Malwarebytes can reveal that in 2021, detections for apps that can non-consensually monitor another person’s activity reached their highest peak ever, but that, amidst the record-setting numbers, the volume of detections actually began to significantly decrease in the second half of the year. This decrease in stalkerware-type activity never reached the lower levels in 2019 that Malwarebytes recorded before the start of the global coronavirus pand

Spyware 144

Spyware Antivirus Technology Government 144

Security Affairs

APRIL 12, 2022

Russia-linked Sandworm APT group targeted energy facilities in Ukraine with INDUSTROYER2 and CADDYWIPER wipers. Russia-linked Sandworm threat actors targeted energy facilities in Ukraine with a new strain of the Industroyer ICS malware (INDUSTROYER2) and a new version of the CaddyWiper wiper. According to the CERT-UA, nation-state actors targeted high-voltage electrical substations with INDUSTROYER2, the variant analyzed by the researchers were customized to target respective substations.

Government 144

Government Malware Hacking Cybersecurity 144

Advertisement

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Cybersecurity