Sat.Dec 18, 2021 - Fri.Dec 24, 2021

article thumbnail

The Top 22 Security Predictions for 2022

Lohrman on Security

What will the New Year bring in cyber space? Here’s your annual roundup of the top security industry forecasts, trends and cybersecurity prediction reports for calendar year 2022.

article thumbnail

The Subsequent Waves of log4j Vulnerabilities Aren’t as Bad as People Think

Daniel Miessler

If you’re reading this you’re underslept and over-caffeinated due to log4j. Thank you for your service. I have some good news. I know a super-smart guy named d0nut who figured something out like 3 days ago that very few people know. Once you have 2.15 applied—or the CLI implementation to disable lookups—you actually need a non-default log4j2.properties configuration to still be vulnerable!

Internet 363
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Open Source Pwned Passwords with FBI Feed and 225M New NCA Passwords is Now Live!

Troy Hunt

In the last month, there were 1,260,000,000 occasions where a service somewhere checked a password against Have I Been Pwned's (HIBP's) Pwned Password API. 99.7% of the time, that check went no further than one of hundreds of Cloudflare edge nodes spread around the world (95% of the world's population is within 50ms of one). It looks like this: There are all sorts of amazing Pwned Passwords use cases out there.

Passwords 362
article thumbnail

Stealing More SRE Ideas for Your SOC

Anton on Security

As we discussed in “Achieving Autonomic Security Operations: Reducing toil” (or it’s early version “Kill SOC Toil, Do SOC Eng” ), your Security Operations Center (SOC) can learn a lot from what IT operations learned during the SRE revolution. In this post of the series, we plan to extract the lessons for your SOC centered on another SRE principle?—?

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

More on NSO Group and Cytrox: Two Cyberweapons Arms Manufacturers

Schneier on Security

Citizen Lab published another report on the spyware used against two Egyptian nationals. One was hacked by NSO Group’s Pegasus spyware. The other was hacked both by Pegasus and by the spyware from another cyberweapons arms manufacturer: Cytrox. We haven’t heard a lot about Cytrox and its Predator spyware. According to Citzen Lab: We conducted Internet scanning for Predator spyware servers and found likely Predator customers in Armenia, Egypt, Greece, Indonesia, Madagascar, Oman, Saud

article thumbnail

2021 Cyber Review: The Year Ransomware Disrupted Infrastructure

Lohrman on Security

2021 will be remembered as the most disruptive year so far when it came to cyber attacks, with ransomware impacting businesses and governments — including critical infrastructure — as never before.

More Trending

article thumbnail

GUEST ESSAY: Introducing ‘killware’ — malware designed to contaminate, disrupt critical services

The Last Watchdog

Within the past year, we have seen a glut of ransomware attacks that made global news as they stymied the operations of many. In May, the infamous Colonial Pipeline ransomware attack disrupted nationwide fuel supply to most of the U.S. East Coast for six days. Related: Using mobile apps to radicalize youth. But the danger has moved up a notch with a new, grave threat: killware.

Malware 256
article thumbnail

Stolen Bitcoins Returned

Schneier on Security

The US has returned $154 million in bitcoins stolen by a Sony employee. However, on December 1, following an investigation in collaboration with Japanese law enforcement authorities, the FBI seized the 3879.16242937 BTC in Ishii’s wallet after obtaining the private key, which made it possible to transfer all the bitcoins to the FBI’s bitcoin wallet.

article thumbnail

Weekly Update 275

Troy Hunt

I'd say this is probably the most epic scene I've ever done one of these videos from and equally, the main topic of the day around Pwned Passwords and the work done with the FBI and NCA is the most epic thing I've done for a very long time. On reflection, I feel like this is the first major step towards HIBP growing up and becoming self-sufficient; that Pwned Passwords piece is now owned by the community, supported by the community, contributed to by 2 of the world's foremost

Passwords 237
article thumbnail

Conti ransomware is exploiting the Log4Shell vulnerability to the tune of millions

Tech Republic Security

Log4Shell is a dangerous security concern — and now Conti, a prominent ransomware group, is exploiting it to attack vulnerable servers to extort millions of dollars.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

GUEST ESSAY: Why Microsoft Exchange users ‘must have’ robust data recovery policies, practices

The Last Watchdog

Cloud hosted email services have come into wide use as the go-to communication and collaboration work tools for businesses far and wide. Related: Weaponized email endures as top threat. Digital native companies start from day one relying entirely on Microsoft Office 365 or Google’s G Suite and most established companies are in some stage of migrating to, or adjusting for, Office 365 or G Suite.

Marketing 222
article thumbnail

Android banking trojan spreads via fake Google Play Store page

Bleeping Computer

An Android banking trojan targeting Itaú Unibanco, a large financial services provider in Brazil with 55 million customers globally, is using a fake Google Play store to spread to devices. [.].

Banking 145
article thumbnail

Crooks bypass a Microsoft Office patch for CVE-2021-40444 to spread Formbook malware

Security Affairs

Crooks discovered how to bypass the patch for a recent Microsoft Office vulnerability (CVE-2021-40444) and are using it to distribute Formbook malware. Cybercriminals have found a way to bypass the patch for a recent Microsoft Office vulnerability tracked as CVE-2021-40444 (CVSS score of 8.8). The bad news is that threat actors are using it to distribute the Formbook malware.

Malware 145
article thumbnail

Switch to a well-paid tech career in 2022: Check out these 200+ IT courses

Tech Republic Security

Training for a lucrative tech career is easier and less expensive than you might think. Check out these online courses on programming, cybersecurity, project management and more.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Top 7 common Cybersecurity Myths — Busted

The Hacker News

Even with the growing awareness about cybersecurity, many myths about it are prevalent. These misconceptions can be a barrier to effective security. The first step to ensure the security of your business is to separate the false information, myths, and rumors from the truth. Here, we're busting some common cybersecurity myths. Read on to find out which of the following you thought were true.

article thumbnail

CISA releases Apache Log4j scanner to find vulnerable apps

Bleeping Computer

The Cybersecurity and Infrastructure Security Agency (CISA) has announced the release of a scanner for identifying web services impacted by& two Apache Log4j remote code execution vulnerabilities, tracked as CVE-2021-44228 and CVE-2021-45046. [.].

article thumbnail

A new version of the Abcbot bot targets Chinese cloud providers

Security Affairs

Researchers spotted a new botnet named Abcbot hat that mainly targeted Chinese cloud hosting providers over the past months. Security researchers discovered a new botnet, named Abcbot , that focused on Chinese cloud hosting providers over the past months. The list of targeted providers includes Alibaba Cloud, Baidu, Tencent, and Huawei Cloud. In November, researchers from Qihoo 360’s Netlab security team spotted the Abcbot botnet that was targeting Linux systems to launch distributed denial-of-s

Malware 145
article thumbnail

Grinch bots hijack all kinds of holiday shopping, from gift cards to hype drop sales

Tech Republic Security

Kasada research finds that all-in-one bots are fooling cyberdefenses and automating the checkout process to snap up in-demand goods.

207
207
article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

article thumbnail

Lights Out: Cyberattacks Shut Down Building Automation Systems

Dark Reading

Security experts in Germany discover similar attacks that lock building engineering management firms out of the BASes they built and manage — by turning a security feature against them.

article thumbnail

New stealthy DarkWatchman malware hides in the Windows Registry

Bleeping Computer

A new malware named 'DarkWatchman' has emerged in the cybercrime underground, and it's a lightweight and highly-capable JavaScript RAT (Remote Access Trojan) paired with a C# keylogger. [.].

Malware 145
article thumbnail

More than 35,000 Java packages impacted by Log4j flaw, Google warns

Security Affairs

Google found more than 35,000 Java packages in the Maven Central repository that are impacted by flaws in the Apache Log4j library. The Google Open Source Team scanned the Maven Central Java package repository and found that 35,863 packages (8% of the total) were using versions of the Apache Log4j library vulnerable to Log4Shell exploit and to the CVE-2021-45046 RCE. “More than 35,000 Java packages, amounting to over 8% of the Maven Central repository (the most significant Java package

Hacking 145
article thumbnail

Synthetic identity fraud: What is it and why is it harmful?

Tech Republic Security

Online consumers can do everything right and still become cyber victims. Learn about synthetic identity fraud and why "buyer beware" is not enough.

194
194
article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

Expert Details macOS Bug That Could Let Malware Bypass Gatekeeper Security

The Hacker News

Apple recently fixed a security vulnerability in the macOS operating system that could be potentially exploited by a threat actor to "trivially and reliably" bypass a "myriad of foundational macOS security mechanisms" and run arbitrary code. Security researcher Patrick Wardle detailed the discovery in a series of tweets on Thursday. Tracked as CVE-2021-30853 (CVSS score: 5.

Malware 144
article thumbnail

Upgraded to log4j 2.16? Surprise, there's a 2.17 fixing DoS

Bleeping Computer

Yesterday, BleepingComputer summed up all the log4j and logback CVEs known thus far. Ever since the critical log4j zero-day saga began last week, security experts have time and time again recommended version 2.16 as the safest release to be on. That changes today with version 2.17.0 out that fixes CVE-2021-45105, a DoS vulnerability. [.].

145
145
article thumbnail

Patch these 2 Active Directory flaws to prevent the takeover of Windows domains

Security Affairs

Microsoft warns of a couple of Active Directory flaws fixed with the November 2021 Patch Tuesday updates that could allow takeover of Windows domains. Microsoft released an alert on a couple of Active Directory vulnerabilities, that have been fixed with the November 2021 Patch Tuesday security updates, that could allow threat actors to takeover Windows domains.

article thumbnail

How to deploy a Bitwarden server with Docker

Tech Republic Security

Are you looking to deploy an in-house password manager server? Jack Wallen shows you how with Bitwarden and Docker.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

How to manage the security risk of remote working

CyberSecurity Insiders

By Jon Lucas, Co-director, Hyve Managed Hosting. What was once regarded as a perk of the job has now become an outright necessity. Once an optional luxury in select businesses and industries, remote working is now one of the central pillars of the so-called ‘new normal’, at least where desk-based working is concerned. Even businesses that are keen to get workers back into the office as soon as possible are at least keeping the door open with regards to remote working, such has been the uncertain

Risk 144
article thumbnail

Microsoft warns of easy Windows domain takeover via Active Directory bugs

Bleeping Computer

Microsoft warned customers today to patch two Active Directory domain service privilege escalation security flaws that, when combined, allow attackers to easily takeover Windows domains. [.].

145
145
article thumbnail

Apache releases the third patch to address a new Log4j flaw

Security Affairs

Multiple flaws in the Log4J library are scaring organizations worldwide while threat actors are already exploiting them. 2.17 is the third fix issued in a week. While the experts were warning that threat actors are actively attempting to exploit a second vulnerability, tracked as CVE-2021-45046 , disclosed in the Log4j library a third security vulnerability made the headlines.

Software 145
article thumbnail

How to visualise security and threat information in Microsoft Power BI

Tech Republic Security

Want a custom security dashboard to bring together data from multiple places? Microsoft Power BI can do that and help you spot what's changing.

177
177
article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!