Sat.Mar 05, 2022 - Fri.Mar 11, 2022

Not All MFA is Equal, and the Differences Matter a Lot

Daniel Miessler

People are starting to get the fact that texts (SMS) are a weak form of multi-factor authentication (MFA). Fewer people know that there’s a big gap between the post-SMS MFA options as well. As I talked about in the original CASSM post, there are levels to this game. In that post we talked about 8 levels of password security, starting from using shared and weak passwords and going all the way up to passwordless.

Vladimir Putin’s Thank You Letter To Pro-Ukraine Hackers

Joseph Steinberg

Russian President, Vladimir Putin, is unlikely to publicly thank the tens of thousands of pro-Ukraine hacker activists whose highly visible hacking efforts have likely helped Russia far more than they have Ukraine, but if he were to issue a thank you letter, it might read something like this: Dear “Pro-Ukraine Hackers,” I wish to thank you for all of your valiant efforts over the past few weeks.

Hacking Alexa through Alexa’s Speech

Schneier on Security

An Alexa can respond to voice commands it issues. This can be exploited: The attack works by using the device’s speaker to issue voice commands. As long as the speech contains the device wake word (usually “Alexa” or “Echo”) followed by a permissible command, the Echo will carry it out, researchers from Royal Holloway University in London and Italy’s University of Catania found.

Hacking 352

Building Password Purgatory with Cloudflare Pages and Workers

Troy Hunt

I have lots of little ideas for various pet projects, most of which go nowhere (Have I Been Pwned being the exception), so I'm always looking for the fastest, cheapest way to get up and running. Last month as part of my blog post on How Everything We're Told About Website Identity Assurance is Wrong, I spun up a Cloudflare Pages website for the first time and hosted digicert-secured.com there (the page has a seal on it so you know you can trust it).

Passwords 346

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Internet Backbone Giant Lumen Shuns .RU

Krebs on Security

Lumen Technologies, an American company that operates one of the largest Internet backbones and carries a significant percentage of the world’s Internet traffic, said today it will stop routing traffic for organizations based in Russia. Lumen’s decision comes just days after a similar exit by backbone provider Cogent, and amid a news media crackdown in Russia that has already left millions of Russians in the dark about what is really going on with their president’s war in Ukr

Internet 332

Ukraine Situation Drives New Cyber Attack Reporting Mandates

Lohrman on Security

New mandated reporting of major cyber incidents for all owners and operators of U.S. critical infrastructure seems closer than ever, thanks to new bills that are supported by the White House.

More Trending

Weekly Update 286

Troy Hunt

Somehow this week ended up being all about Russia and Cloudflare. Mostly as 2 completely separate topics, but also a little bit around Cloudflare's ongoing presence in Russia (with a very neutral view on that, TBH). Looking back on this video a few hours later, the thing that strikes me is the discussion around what appears to be a phishing page seeking donations for Ukraine.

Phishing 272

Report: Recent 10x Increase in Cyberattacks on Ukraine

Krebs on Security

As their cities suffered more intense bombardment by Russian military forces this week, Ukrainian Internet users came under renewed cyberattacks, with one Internet company providing service there saying they blocked ten times the normal number of phishing and malware attacks targeting Ukrainians. John Todd is general manager of Quad9, a free “anycast” DNS platform.

DNS 312

GUEST ESSAY: Why rigorous vulnerability management is crucial to protecting critical systems

The Last Watchdog

As companies accelerate their reliance on agile software development, cloud-hosted IT infrastructure and mobile applications, vulnerability management (VM) has an increasingly vital security role to play. Related: Log4j vulnerability translates into vast exposures. Not only does VM contribute to the safety and security of an organization’s network and infrastructure, it also helps ensure infrastructure performance is optimized.

Where’s the Russia-Ukraine Cyberwar?

Schneier on Security

It has been interesting to notice how unimportant and ineffective cyber operations have been in the Russia-Ukraine war. Russia launched a wiper against Ukraine at the beginning, but it was found and neutered. Near as I can tell, the only thing that worked was the disabling of regional KA-SAT SATCOM terminals. It’s probably too early to reach any conclusions, but people are starting to write about this, with varying theories.

315

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Log4j postmortem: Developers are taking a hard look at software supply-chain security gaps

Tech Republic Security

Developers are exploring new tools and methodologies to ensure the next log4j doesn’t happen. Will it work? The post Log4j postmortem: Developers are taking a hard look at software supply-chain security gaps appeared first on TechRepublic.

Software 216

Conti Ransomware Group Diaries, Part IV: Cryptocrime

Krebs on Security

Three stories here last week pored over several years’ worth of internal chat records stolen from the Conti ransomware group, the most profitable ransomware gang in operation today. The candid messages revealed how Conti evaded law enforcement and intelligence agencies, what it was like on a typical day at the Conti office, and how Conti secured the digital weaponry used in their attacks.

Podcast: Conti Leaks

Doctor Chaos

Russian threat actor Conti has their data leaked. In this podcast, we will take a look at the leaked data and see what we can learn about one of the largest threat actors operating. Listen on SoundCloud by clicking on the link [link], or listen on our embedded viewer or your favorite podcast app.

Media 147

Fraud on Zelle

Schneier on Security

Zelle is rife with fraud: Zelle’s immediacy has also made it a favorite of fraudsters. Other types of bank transfers or transactions involving payment cards typically take at least a day to clear. But once crooks scare or trick victims into handing over money via Zelle, they can siphon away thousands of dollars in seconds. There’s no way for customers — and in many cases, the banks themselves — to retrieve the money. […]

Banking 289

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

TLStorm exploits expose more than 20 million UPS units to takeover. Was yours one of them?

Tech Republic Security

APC-branded uninterruptible power supplies were found to be vulnerable to three zero day exploits that could let an attacker physically damage the UPS and attached assets, Armis said. The post TLStorm exploits expose more than 20 million UPS units to takeover. Was yours one of them? appeared first on TechRepublic.

202

Microsoft Patch Tuesday, March 2022 Edition

Krebs on Security

Microsoft on Tuesday released software updates to plug at least 70 security holes in its Windows operating systems and related software. For the second month running, there are no scary zero-day threats looming for Windows users, and relatively few “critical” fixes. And yet we know from experience that attackers are already trying to work out how to turn these patches into a roadmap for exploiting the flaws they fix.

CISA added 98 domains to the joint alert related to Conti ransomware gang

Security Affairs

The U.S. CISA has updated the alert on Conti ransomware and added 98 domain names used by the criminal gang. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated the alert on Conti ransomware operations, the agency added 100 domain names used by the group. The joint report published by CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) in September warned of an increased number of Conti ransomware attacks against US organizations.

New Linux bug gives root on all major distros, exploit released

Bleeping Computer

A new Linux vulnerability known as 'Dirty Pipe' allows local users to gain root privileges through publicly available exploits. […]

145

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

The 10 best antivirus products you should consider for your business

Tech Republic Security

Antivirus software protects your data against cybercriminals, ransomware and malware. Compare the best software now. The post The 10 best antivirus products you should consider for your business appeared first on TechRepublic.

Antivirus 189

New RURansom Wiper Targets Russia

Trend Micro

We analyze RURansom, a malware variant discovered to be targeting Russia. Originally suspected to be a ransomware because of its name, analysis reveals RURansom to be a wiper.

Anonymous #OpRussia Thousands of sites hacked, data leaks and more

Security Affairs

Anonymous and its affiliates continue to target Russia and Belarus, it is also targeting the Russian disinformation machine. Anonymous announced to have hacked more than 2,500 websites linked to the Russian and Belarusian governments, state-owned media outlets spreading disinformation, Russian private organizations, banks, hospitals, airports. The attacks were conducted as part of the #OpRussia launched by the collective after the violent and illegitimate invasion of Ukraine.

Hacking 145

Ubisoft confirms 'cyber security incident', resets staff passwords

Bleeping Computer

Video game developer Ubisoft has confirmed that it suffered a 'cyber security incident' that caused disruption to some of its services. Data extortion group LAPSUS$, who has claimed responsibility for hacking Samsung, NVIDIA, and Mercado Libre thus far, also appears to be behind Ubisoft incident. […]

Passwords 143

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

How an 8-character password could be cracked in less than an hour

Tech Republic Security

Advances in graphics processing technology have slashed the time needed to crack a password using brute force techniques, says Hive Systems. The post How an 8-character password could be cracked in less than an hour appeared first on TechRepublic.

Passwords 187

Beware of malware offering “Warm greetings from Saudi Aramco”

Malwarebytes

Recently, the Malwarebytes Threat Intelligence Team found a Formbook campaign targeting oil and gas companies. The campaign was delivered by a targeted email that contained two attachments, one is a pdf file and the other an Excel document. Formbook. The Formbook malware is an information stealer that is in use by many threat actors. Formbook has been around since 2016 and is readily available on dark web market places.

Malware 142

New 16 High-Severity UEFI Firmware Flaws Discovered in Millions of HP Devices

The Hacker News

Cybersecurity researchers on Tuesday disclosed 16 new high-severity vulnerabilities in various implementations of Unified Extensible Firmware Interface (UEFI) firmware impacting multiple HP enterprise devices. The shortcomings, which have CVSS scores ranging from 7.5 to 8.8, have been uncovered in HP's UEFI firmware.

Firmware 140

Russia creates its own TLS certificate authority to bypass sanctions

Bleeping Computer

Russia has created its own trusted TLS certificate authority (CA) to solve website access problems that have been piling up after sanctions prevent certificate renewals. […]

142

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Russia may try to dodge sanctions using ransomware payments, warns US Treasury

Tech Republic Security

The Financial Crimes Enforcement Network has issued a statement for financial institutions to be aware of suspicious activity. The post Russia may try to dodge sanctions using ransomware payments, warns US Treasury appeared first on TechRepublic.

Conti ransomware gang, which leaked ransomware victims’ data, has its own data leaked

Graham Cluley

Oh how embarrassing for the criminal gang who extorted millions from businesses by threatening to leak their data, that someone leaked some 160,000 messages between their members as well as their malware source code.

2 New Mozilla Firefox 0-Day Bugs Under Active Attack — Patch Your Browser ASAP!

The Hacker News

Mozilla has pushed out-of-band software updates to its Firefox web browser to contain two high-impact security vulnerabilities, both of which it says are being actively exploited in the wild.

Software 140

What's up with in-the-wild exploits? Plus, what we're doing about it.

Google Security

Posted by Adrian Taylor, Chrome Security Team. If you are a regular reader of our Chrome release blog, you may have noticed that phrases like 'exploit for CVE-1234-567 exists in the wild' have been appearing more often recently. In this post we'll explore why there seems to be such an increase in exploits, and clarify some misconceptions in the process.

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!