Schneier on Security

MAY 4, 2022

Mandiant is reporting on a new botnet. The group, which security firm Mandiant is calling UNC3524, has spent the past 18 months burrowing into victims’ networks with unusual stealth. In cases where the group is ejected, it wastes no time reinfecting the victim environment and picking up where things left off. There are many keys to its stealth, including: The use of a unique backdoor Mandiant calls Quietexit, which runs on load balancers, wireless access point controllers, and other types

Malware 274

Malware IoT Wireless Antivirus 274

Troy Hunt

MAY 6, 2022

It's back to business as usual with more data breaches, more poor handling of them and more IoT pain. I think on all those fronts there's a part of me that just likes the challenge and the opportunity to fix a broken thing. Or maybe I'm just a sucker for punishment, I don't know, but either way it's kept me entertained and given me plenty of new material for this week's video 😊 References The book is almost ready to launch!

IoT 267

IoT Data breaches Passwords 267

The Last Watchdog

MAY 5, 2022

Ransomware? I think you may have heard of it, isn’t the news full of it? Well, the stats are even scarier with over 50% increase in ransomware attacks in 2021, compared to 2020. Related: Make it costly for cybercriminals. The media paid close attention to ransomware attacks last year, as they had a significant impact on Colonial Pipeline, the nation’s largest fuel distributor, and JBS, the nation’s largest meat distributor.

Ransomware 247

Ransomware Risk Internet Internet 247

Tech Republic Security

MAY 6, 2022

Several businesses in critical infrastructure were forced to confront some hard truths in the wake of the 2021 ransomware attack. The post One year removed from the Colonial Pipeline attack, what have we learned? appeared first on TechRepublic.

Ransomware 200

Ransomware 200

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Schneier on Security

MAY 3, 2022

Researchers are using the reflection of the smartphone in the pupils of faces taken as selfies to infer information about how the phone is being used: For now, the research is focusing on six different ways a user can hold a device like a smartphone: with both hands, just the left, or just the right in portrait mode, and the same options in horizontal mode.

240

240

Troy Hunt

APRIL 30, 2022

Didn't get a lot done this week, unless you count scuba diving, snorkelling, spear fishing and laying around on tropical sand cays 😎 This week is predominantly about the time we just spent up on the Great Barrier Reef which has very little relevance to infosec, IoT, 3D printing and the other usual topics. But as I refer to in the guitar lessons blog post referenced below, I share what I do pretty transparently and organically and this week, that's what I want to talk about.

InfoSec 224

InfoSec IoT 224

Tech Republic Security

MAY 3, 2022

Chats analyzed by Cisco Talos show how ransomware groups determine ransom amounts and force organizations to pay but also are willing to negotiate with victims. The post Internal chats of ransomware cybercriminals reveal ways to avoid becoming a victim appeared first on TechRepublic.

Ransomware 190

Ransomware 190

Graham Cluley

MAY 3, 2022

A police car's digital in-car video system uncovered that two Los Angeles officers ignored calls to provide assistance at a department store robbery because they were too enthralled in catching Pokémon.

144

144

SecureList

MAY 4, 2022

In February 2022 we observed the technique of putting the shellcode into Windows event logs for the first time “in the wild” during the malicious campaign. It allows the “fileless” last stage Trojan to be hidden from plain sight in the file system. Such attention to the event logs in the campaign isn’t limited to storing shellcodes.

Malware 144

Malware Encryption Architecture Technology 144

We Live Security

MAY 3, 2022

Organizations need to get better at mitigating threats from unknown vulnerabilities, especially as both state-backed operatives and financially-motivated cybercriminals are increasing their activity. The post What’s behind the record‑high number of zero days? appeared first on WeLiveSecurity.

Cybersecurity 143

Cybersecurity 143

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Tech Republic Security

MAY 3, 2022

Identity theft and data breaches are less likely to occur in an environment without passwords. The post Why World Password Day should become World Passwordless Day appeared first on TechRepublic.

Passwords 165

Passwords Identity Theft Data breaches 165

CSO Magazine

MAY 2, 2022

Cybersecurity pros interested in metrics and measures frequently ponder and pontificate on what measures would be best to show the board of directors. That can be a tricky proposition because “we have to speak like the business” is also a mantra. Coming up with cybersecurity metrics from a business perspective can be a challenge. So how can we solve this problem and provide useful insight?

Cybersecurity 140

Cybersecurity Phishing 140

Security Boulevard

MAY 4, 2022

Back on May 25, 2018, the European Union’s General Data Protection Regulation (GDPR) came into effect, meaning all organizations that offer goods or services to European Union residents, or collect consumer data within the region, are now required to comply with the regulation. The post Unstructured Data and What it Means for GDPR Compliance appeared first on Security Boulevard.

Unstructured Data 139

Unstructured Data Data privacy Risk Government 139

Bleeping Computer

MAY 3, 2022

A vulnerability in the domain name system (DNS) component of a popular C standard library that is present in a wide range of IoT products may put millions of devices at DNS poisoning attack risk. [.].

DNS 137

DNS IoT Risk 137

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Tech Republic Security

MAY 3, 2022

Many high-level executives and business owners rely on weak and simple passwords, leaving their companies more vulnerable to data breaches, says NordPass. The post Even C-suite executives use terrible passwords like 123456 appeared first on TechRepublic.

Passwords 162

Passwords Data breaches 162

eSecurity Planet

MAY 3, 2022

Security researchers have uncovered a critical vulnerability that could lead to DNS spoofing attacks in two popular C standard libraries that provide functions for common DNS operations. Nozomi Networks Labs found the vulnerability in the Uclibc and uClibc-ng libraries, which provide functions to make common DNS operations such as lookups or translating domain names to IP addresses.

DNS 131

DNS Risk Firmware IoT 131

Security Boulevard

MAY 1, 2022

In the past, I’ve written about digital privacy and how much data we leak through our day to day interactions. I think this is an important topic to consider and really focus on and it is an element of cybersecurity at both the enterprise and personal level that isn’t discussed enough. One of the reasons […]… Read More. The post OSINT: The privacy risks of sharing too much information appeared first on The State of Security.

Risk 136

Risk Cybersecurity 136

Bleeping Computer

MAY 5, 2022

The Tor Project has published details about a newly introduced system called Congestion Control that promises to eliminate speed limits on the network. [.].

143

143

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Tech Republic Security

MAY 5, 2022

Adopting a new authentication method from the FIDO Alliance, the three major OS vendors will let you use encrypted credentials stored on your phone to automatically sign you into your online accounts. The post Google, Apple, Microsoft promise end to passwords, courtesy of your mobile phone appeared first on TechRepublic.

Mobile 150

Mobile Passwords Encryption Authentication 150

The State of Security

MAY 5, 2022

The FBI's Internet Crime Complaint Center (IC3) has issued updated statistics on Business Email Compromise (BEC) attacks which use a variety of social engineering and phishing techniques to break into accounts and trick companies into transferring large amounts of money into the hands of criminals. Read more in my article on the Tripwire State of Security blog.

Social Engineering 129

Social Engineering Engineering Phishing Internet 129

Security Boulevard

MAY 2, 2022

Twenty years ago, Bill Gates foresaw the security threats looming as new technologies were introduced and threat actors were ramping up their efforts. He urged for including security development at every stage of the software life cycle in his company’s products. It’s a lesson developers haven’t taken to heart, as AppSec lags far behind in. The post AppSec Champions Bring Security Front and Center appeared first on Security Boulevard.

Technology 135

Technology Software CISO Security Awareness 135

Bleeping Computer

MAY 3, 2022

Hackers commonly exploit vulnerabilities in corporate networks to gain access, but a researcher has turned the table by finding exploits in the most common ransomware and malware being distributed today. [.].

Ransomware 131

Ransomware Encryption Malware Technology 131

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Software

Tech Republic Security

MAY 4, 2022

If you're looking to employ a solid VPN service for remote workers, NordLayer VPN is an outstanding option. Find out how to install and use the client on both Ubuntu Desktop and Fedora 36. The post How to install the NordLayer VPN client on Linux and connect it to a virtual network appeared first on TechRepublic.

VPN 145

VPN Software 145

Malwarebytes

MAY 4, 2022

The wacky world of ape jpegs are at the heart of yet another increasingly bizarre internet scam, which contains malware, stolen accounts, a faint possibility of phishing, and zips full of ape pictures. The Ape Executives have a job offer you can, and must, refuse. Lots of people with art profiles on social media in Japan and elsewhere have reported messages from people claiming to be from the “Cyberpunk Ape Executives”.

Malware 131

Malware Scams Accountability Phishing 131

eSecurity Planet

MAY 3, 2022

Databases contain some of the most critical data in enterprises, so vulnerabilities in them are serious issues. Researchers at Singapore-based cybersecurity company Group-IB recently discovered thousands of databases exposed to the internet that could have been exploited when they were left unprotected. The Attack Surface Management team at Group-IB said it constantly scans the IPv4 landscape for exposed databases, potentially unwanted programs, and other risks.

Social Engineering 128

Social Engineering Internet Internet Risk 128

CSO Magazine

MAY 3, 2022

Effective partnerships between CISOs and their cybersecurity vendors are integral to security success. A well-oiled relationship built on trust, communication and mutual understanding can reap significant benefits for a business’s cybersecurity posture. Conversely, one that is problematic and incohesive can have the opposite effect, negatively impacting a company’s security practices and leaving them vulnerable to risks and wasted investment.

CISO 128

CISO CSO Cybersecurity Accountability 128

Advertisement

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Cybersecurity

Tech Republic Security

MAY 4, 2022

Auth0 and Okta are identity and access management software solutions, but which one should you choose? Dive into the specifics with this IAM tools feature comparison guide. The post Auth0 vs Okta: Compare IAM software appeared first on TechRepublic.

Software 142

Software 142

Threatpost

MAY 3, 2022

Popular apps to support people’s psychological and spiritual well-being can harm them by sharing their personal and sensitive data with third parties, among other privacy offenses.

Mobile 123

Mobile 123

eSecurity Planet

MAY 2, 2022

Ransomware just keeps getting worse, it seems. Cybersecurity researchers last week revealed that a new ransomware gang called Onyx is simply destroying larger files rather than encrypting them. As the MalwareHunterTeam noted in a Twitter thread , “as the ransomware they are using is a trash skidware, it’s destroying a part of the victims’ files.” The team would recommend that “no company should pay to these idiots … but they are stealing files too.” Most

Ransomware 127

Ransomware Backups Encryption Penetration Testing 127

Security Affairs

MAY 3, 2022

China-linked Curious Gorge APT is targeting Russian government agencies, Google Threat Analysis Group (TAG) warns. Google Threat Analysis Group (TAG) reported that an APT group linked to China’s People’s Liberation Army Strategic Support Force (PLA SSF), tracked as Curious Gorge , is targeting Russian government agencies. The Google TAG team published a report focused on cybersecurity activity in Eastern Europe.

Manufacturing 136

Manufacturing Government Phishing Passwords 136

Advertisement

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Cybersecurity