Sat.Feb 26, 2022 - Fri.Mar 04, 2022


Samsung Encryption Flaw

Schneier on Security

Researchers have found a major encryption flaw in 100 million Samsung Galaxy phones. From the abstract: In this work, we expose the cryptographic design and implementation of Android’s Hardware-Backed Keystore in Samsung’s Galaxy S8, S9, S10, S20, and S21 flagship devices. We reversed-engineered and provide a detailed description of the cryptographic design and code structure, and we unveil severe design flaws.


Conti Ransomware Group Diaries, Part I: Evasion

Krebs on Security

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti, an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. The chat logs offer a fascinating glimpse into the challenges of running a sprawling criminal enterprise with more than 100 salaried employees.


GUEST ESSAY – A primer on ‘WAAP’ – an approach to securing APIs at the web app layer

The Last Watchdog

One could make the argument that Application Programming Interfaces – APIs – are a vital cornerstone of digital transformation. APIs interconnect the underlying components of modern digital services in a very flexible, open way. This has resulted in astounding innovations in cloud services, mobile computing, IoT systems and agile software development.


100 million Samsung phones affected by encryption weakness

Tech Republic Security

The vulnerability lies in how Samsung implemented a portion of the Android Trusted Execution Environment, leading to devices as new as the S21 being vulnerable to initialization vector reuse attacks.


Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.


Decrypting Hive Ransomware Data

Schneier on Security

Nice piece of research. Abstract: Among the many types of malicious codes, ransomware poses a major threat. Ransomware encrypts data and demands a ransom in exchange for decryption. As data recovery is impossible if the encryption key is not obtained, some companies suffer from considerable damage, such as the payment of huge amounts of money or the loss of important data.


Are Your Passwords in the Green?

Approachable Cyber Threats

It’s here! Our 2022 update to our famous password table that’s been shared across the news, internet, social media, and organizations worldwide. So what’s new, and what’s the methodology behind it? Keep reading! Looking for a high resolution version to download? Download the table now. Password Strength in 2022 It’s been two years since we first shared our (now famous) password table.


More Trending


Destructive “HermeticWiper” malware strikes Ukraine

Tech Republic Security

A new type of malware attack is hitting Ukraine, and it renders the victim's machine useless.


Insurance Coverage for NotPetya Losses

Schneier on Security

Tarah Wheeler and Josephine Wolff analyze a recent court decision that the NotPetya attacks are not considered an act of war under the wording of Merck’s insurance policy, and that the insurers must pay the $1B+ claim. Wheeler and Wolff argue that the judge “did the right thing for the wrong reasons.”


Anonymous hit Russian Nuclear Institute and leak stolen data

Security Affairs

Anonymous and other hacker groups that responded to the call to war against Russia continue to launch cyberattacks on gov organizations and businesses. Anonymous and numerous hacker groups linked to the popular collective continue to launch cyber attacks against Russian and Belarussian government organizations and private businesses. In the last few days massive DDoS attacks have taken offline numerous websites of Russian government entities, including the Duma and Ministry of Defense.


U.S. Security Agencies Release Network Security, Vulnerability Guidance

eSecurity Planet

The U.S. National Security Agency (NSA) released comprehensive network security guidance on March 3, on the same day that the Cybersecurity and Infrastructure Security Agency (CISA) released its longest-ever list of exploited vulnerabilities. With organizations around the world on heightened alert in the wake of Russia’s unprovoked war against Ukraine, government agencies have stepped up efforts too.


The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!


Ransomware infections top list of the most common results of phishing attacks

Tech Republic Security

Eighty-four percent of organizations were phishing victims last year, 59% of whom were hit with ransomware. Why, then, do less than a quarter of boards think ransomware is a top priority?


Details of an NSA Hacking Operation

Schneier on Security

Pangu Lab in China just published a report of a hacking operation by the Equation Group (aka the NSA). It noticed the hack in 2013, and was able to map it with Equation Group tools published by the Shadow Brokers (aka some Russian group). …the scope of victims exceeded 287 targets in 45 countries, including Russia, Japan, Spain, Germany, Italy, etc.


Elections GoRansom – a smoke screen for the HermeticWiper attack

SecureList

Executive summary. On February 24, 2022, Avast Threat Research published a tweet announcing the discovery of new Golang ransomware, which they called HermeticRansom. This malware was found around the same time the HermeticWiper was found, and based on publicly available information from security community it was used in recent cyberattacks in Ukraine.


Conti Ransomware source code leaked by Ukrainian researcher

Bleeping Computer

A Ukrainian researcher continues to deal devastating blows to the Conti ransomware operation, leaking further internal conversations, as well as the source for their ransomware, administrative panels, and more. [...]


The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.


5 WordPress plugins to bolster security

Tech Republic Security

If you're using WordPress, you need to consider one or more of these security plugins to keep your website safe from attack.


Ignoring US Cybersecurity Vulnerabilities No Longer an Option

Security Boulevard

In one of the most impactful European conflicts since World War II, Russian troops have invaded neighboring Ukraine, a sovereign nation. While the effects of this war on world peace and stability remain to be seen and while a larger conflict involving other nations including the U.S. could soon become a reality, the uncomfortable truth.


Hackers Try to Target European Officials to Get Info on Ukrainian Refugees, Supplies

The Hacker News

Details of a new nation-state sponsored phishing campaign have been uncovered setting its sights on European governmental entities in what's seen as an attempt to obtain intelligence on refugee and supply movement in the region.


Free Android app lets users detect Apple AirTag tracking

Bleeping Computer

A small team of researchers at the Darmstadt University in Germany have published a report illustrating how their AirGuard app for Android provides better protection from stealthy AirTag stalking than other apps. [...]


IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.


TechRepublic Premium editorial calendar: IT policies, checklists, toolkits, and research for download

Tech Republic Security

TechRepublic Premium content helps you solve your toughest IT issues and jumpstart your career or next project.


Salt Security Survey Surfaces API Security Weaknesses

Security Boulevard

A survey of more than 250 security, application and DevOps executives and professionals published today by Salt Security found 95% of respondents experienced a security incident involving application programming interfaces (APIs) in the last 12 months, with 62% reporting they slowed down the rollout of an application because of API security concerns.


How security vendors are aiding Ukraine

CSO Magazine

Since Russia launched a full-scale military invasion into Ukraine on February 23, a series of cyberattacks have been detected targeting Ukrainian businesses, websites and government agencies amid the ongoing conflict. Meanwhile, organizations in the cybersecurity sector have begun taking action to provide help and support to those directly and subsequently impacted by cyber incidents relating to the Ukraine-Russia crisis.


The truth about VDI and cloud computing

InfoWorld on Security

Want to know who has the most stressful job in the enterprise these days? It’s the CISO, or chief information security officer. This is typically a senior-level executive responsible for developing and implementing information security programs and the person first on the hook if a breach occurs. Many of these brave men and women took on the role prior to the pandemic when vulnerable applications and data could be placed within a secure domain—typically, a well-defined firewall.


The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.


New OpenSSF project may finally be doing security right

Tech Republic Security

Commentary: For years we’ve tried tackling security at the company or organizational level. The new Alpha-Omega Project seems to be taking a true industry-wide approach, and that’s promising.


Microsoft rolling out new endpoint security solution for SMBs

Bleeping Computer

Microsoft has started rolling out its new endpoint security solution for small and medium-sized businesses (SMBs) known as Microsoft Defender for Business to Microsoft 365 Business Premium customers worldwide starting today, March 1st. [...]


Monitoring Cyber Threats Tied to the Russia-Ukraine Conflict

Security Boulevard

Beyond the disturbing images of the invasion of Ukraine that began February 24 are the invisible cyberattacks that preceded it and continue to be waged on Ukraine by Russian state-sponsored and other threat actors, which also threaten the West. Vedere Labs, Forescout’s threat intelligence and research team, is closely monitoring the evolution of cyber activities […].


Blocking Bots: Why We Need Advanced WAF?

CyberSecurity Insiders

With everyone living online these days, web traffic to the online channels is on the upsurge. However, if you delve into the traffic, you’ll see that most of the traffic is not from legitimate users. Only less than half of the traffic is actual humans, the rest are bots including both good and bad bots. In the early days, the bots were used only for spamming or small scraping attempts.


Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!


Cyberattacks on SMBs are increasing, will your business be ready?

Tech Republic Security

Coro’s report details a growing number of attacks on mid-sized businesses and the steps that need to be taken in order to be prepared.


7 mistakes CISOs make when presenting to the board

CSO Magazine

Corporate boards are asking their CISOs to inform them more often about cybersecurity risks. This gives security leaders an opportunity to help senior business stakeholders better understand security’s value and makes them more likely to support and strengthen security strategies. However, talking to the board about cybersecurity in a way that is productive can be a significant challenge, and failing to do so effectively can result in confusion, disillusionment, and a lack of cohesion among dire


How to define outcomes to deliver value faster

Security Boulevard

Why we need to clarify the ideal and acceptable outcomes If you want to deliver value faster, you need to know more than the problem you’re trying to solve. You also need to know what success looks like. Start by asking people to define and explain the ideal outcome. The ideal outcome is without restriction, […].


Hackers Might Shift Focus to Consumers Instead of Businesses in 2022

Heimdal Security

According to threat analysts, the year 2022 will mark the beginning of a change in hackers’ attention from huge corporations to individuals. Researchers base their prediction on a number of variables that point out how consumers are now more valuable to hackers than in the past. What Happened in 2021 and What Will Happen in 2022? […].


Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.