Krebs on Security

JANUARY 23, 2019

The ongoing partial U.S. federal government shutdown is having a tangible, negative impact on cybercrime investigations, according to interviews with federal law enforcement investigators and a report issued this week by a group representing the interests of FBI agents. Even if lawmakers move forward on new proposals to reopen the government, sources say the standoff is likely to have serious repercussions for federal law enforcement agencies for years to come.

Government 269

Government Media Internet Internet 269

Schneier on Security

JANUARY 21, 2019

This is clever : Malicious apps hosted in the Google Play market are trying a clever trick to avoid detection -- they monitor the motion-sensor input of an infected device before installing a powerful banking trojan to make sure it doesn't load on emulators researchers use to detect attacks. The thinking behind the monitoring is that sensors in real end-user devices will record motion as people use them.

Malware 217

Malware Banking Marketing 217

Adam Levin

JANUARY 25, 2019

Trojan horse-based malware attacks and spyware rose sharply in 2018 as ransomware-based attacks declined, according to a new report published by Malwarebytes. One of the larger threats outlined in the report was the Emotet Trojan, a sophisticated malware program capable of data theft, network monitoring, and propagating itself onto other vulnerable systems, and the Trickbot Trojan that steals passwords and browser histories from infected machines.

Spyware 212

Spyware Ransomware Malware Banking 212

Troy Hunt

JANUARY 25, 2019

So it's been a bit of a crazy week. I got onto the plane in Australia on Thursday evening just as Europe was waking up to the news of the 773M email address credential stuffing list I loaded into HIBP. And then the flood began; blog comments, emails, tweets - it was an absolute deluge. I spent the flight fielding the ones I could, landed in Oslo and dealt with more on the way up the mountain then frankly, got there and tuned out.

171

171

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Krebs on Security

JANUARY 22, 2019

Two of the most disruptive and widely-received spam email campaigns over the past few months — including an ongoing sextortion email scam and a bomb threat hoax that shut down dozens of schools, businesses and government buildings late last year — were made possible thanks to an authentication weakness at GoDaddy.com , the world’s largest domain name registrar, KrebsOnSecurity has learned.

DNS 244

DNS Internet Internet Computers and Electronics 244

Schneier on Security

JANUARY 24, 2019

They have advantages : Pigeons are certainly no substitute for drones, but they provide a low-visibility option to relay information. Considering the storage capacity of microSD memory cards, a pigeon's organic characteristics provide front line forces a relatively clandestine mean to transport gigabytes of video, voice, or still imagery and documentation over considerable distance with zero electromagnetic emissions or obvious detectability to radar.

Technology 215

Technology 215

Adam Shostack

JANUARY 23, 2019

Omer Levi Hevroni has a very interesting post exploring ways to represent threat models as code. The closer threat modeling practices are to engineering practices already in place, the more it will be impactful, and the more it will be a standard part of delivery. There’s interesting work in both transforming threat modeling thinking into code, and using code to reduce the amount of thinking required for a project.

Engineering 113

Engineering Software 113

Krebs on Security

JANUARY 25, 2019

The U.S. Justice Department has filed criminal charges against three U.S. men accused of swatting, or making hoax reports of bomb threats or murders in a bid to trigger a heavily armed police response to a target’s address. Investigators say the men, aged 19 to 23, all carried out the attacks with the help of Tyler Barriss , a convicted serial swatter whose last stunt in late 2018 cost Kansas man his life.

Media 220

Media Accountability 220

Schneier on Security

JANUARY 25, 2019

Last week, I evaluated the security of a recent GCHQ backdoor proposal for communications systems. Furthering the debate, Nate Cardozo and Seth Schoen of EFF explain how this sort of backdoor can be detected: In fact, we think when the ghost feature is active­ -- silently inserting a secret eavesdropping member into an otherwise end-to-end encrypted conversation in the manner described by the GCHQ authors­ -- it could be detected (by the target as well as certain third parties) with at least fou

Hacking 215

Hacking Engineering Encryption Risk 215

Adam Levin

JANUARY 22, 2019

According to a study published in December by SplashData of the more than 5 million passwords compromised by hacks last year, way too many were laughably inadequate. If you are having that same-old, same-old sense of déjà vu, you’re not alone. Another year has come and gone, and consumers are still using the same old bad passwords to protect their accounts.

Passwords 158

Passwords Password Management Accountability Authentication 158

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Security Affairs

JANUARY 25, 2019

The security expert Dirk- jan Mollema with Fox-IT discovered a privilege escalation vulnerability in Microsoft Exchange that could be exploited by a user with a mailbox to become a Domain Admin. The experts described the attack scenario in a blog post and published a proof-of-concept code. “In most organisations using Active Directory and Exchange, Exchange servers have such high privileges that being an Administrator on an Exchange server is enough to escalate to Domain Admin.” wrot

Authentication 112

Authentication Advertising Passwords Hacking 112

WIRED Threat Level

JANUARY 25, 2019

David Carroll has been locked in a legal war to force the infamous company to turn over its files on him. He’s won a battle, but the struggle continues.

108

108

Schneier on Security

JANUARY 23, 2019

This is interesting : To prevent the problems of customer binding, and losing business when darknet markets go down, merchants have begun to leave the specialized and centralized platforms and instead ventured to use widely accessible technology to build their own communications and operational back-ends. Instead of using websites on the darknet, merchants are now operating invite-only channels on widely available mobile messaging systems like Telegram.

Cryptocurrency 213

Cryptocurrency Marketing Surveillance Risk 213

Adam Levin

JANUARY 24, 2019

The personal data of 4 million applicants for internships at a non-profit organization was exposed in a breach. The data included the applicants’ names, email addresses, gender, and personal essays and was exposed via a misconfigured database called Elasticsearch on the website of AIESEC, a “youth-run” non-governmental organization with over 100,000- members worldwide.

Engineering 125

Engineering IoT Internet Internet 125

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Security Affairs

JANUARY 20, 2019

Unpatched critical flaw CVE-2018-15439 could be exploited by a remote, unauthenticated attacker to gain full control over the device. Cisco Small Business Switch software is affected by a critical and unpatched vulnerability (CVE-2018-15439) that could be exploited by a remote, unauthenticated attacker to gain full control over the device. Cisco Small Business Switch SOHO devices allow to manage small local area networks, they are widely adopted in cloud-based, managed and unmanaged “flavors.”.

Small Business 111

Small Business Hacking Accountability Software 111

Dark Reading

JANUARY 23, 2019

Research shows that better corporate security has resulted in some hackers shifting their sights to the estates and businesses of wealthy families.

101

101

Schneier on Security

JANUARY 22, 2019

Construction cranes are vulnerable to hacking: In our research and vulnerability discoveries, we found that weaknesses in the controllers can be (easily) taken advantage of to move full-sized machines such as cranes used in construction sites and factories. In the different attack classes that we've outlined, we were able to perform the attacks quickly and even switch on the controlled machine despite an operator's having issued an emergency stop (e-stop).

Hacking 202

Hacking Wireless Internet Internet 202

Thales Cloud Protection & Licensing

JANUARY 22, 2019

IDG’s 2018 Cloud Computing Study tells us: Seventy-three percent of organizations have at least one application, or a portion of their computing infrastructure already in the cloud – 17% plan to do so within the next 12 months. But IDG also points out: Organizations are utilizing a mix of cloud delivery models. Currently the average environment is 53% non-cloud, 23% SaaS, 16% IaaS and 9% PaaS….

Encryption 82

Encryption Big data 82

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Security Affairs

JANUARY 21, 2019

A rogue MySQL server could be used to steal files from clients due to a design flaw in the popular an open source relational database management system (RDBMS). The flaw resides in the file transfer process between a client host and a MySQL server, it could be exploited by an attacker running a rogue MySQL server to access any data that could be read by the client.

Passwords 111

Passwords Advertising Cryptocurrency Cybercrime 111

Dark Reading

JANUARY 22, 2019

By using a combination of new cryptocurrencies and peer-to-peer marketplaces, cybercriminals are laundering up to an estimated $200 billion in ill-gotten gains a year. And that's just the beginning.

Cryptocurrency 90

Cryptocurrency 90

eSecurity Planet

JANUARY 25, 2019

We review nine of the top web application firewall (WAF) products to help you protect web-facing applications.

Firewall 106

Firewall 106

WIRED Threat Level

JANUARY 21, 2019

It takes a master demagogue to weaponize unstable individuals and aim them at political enemies.

111

111

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Software

Security Affairs

JANUARY 23, 2019

PHP PEAR official site hacked, attackers replaced legitimate version of the package manager with a tainted version in the past 6 months. Bad news for users that have downloaded the PHP PEAR package manager from the official website in the past 6 months because hackers have replaced it with a tainted version. The PHP Extension and Application Repository (PEAR) is a framework and distribution system that allows anyone to search and download free packages written in PHP programming language.

Hacking 111

Hacking Advertising Data breaches 111

Dark Reading

JANUARY 22, 2019

Adversaries took advantage of the large attack surface of large communications networks to spread small volumes of junk traffic across hundreds of IP prefixes in Q3 2018, Nexusguard says.

Internet 88

Internet Internet DDOS 88

Threatpost

JANUARY 23, 2019

An emergency directive from the Department of Homeland Security provides "required actions" for U.S. government agencies to prevent widespread DNS hijacking attacks.

DNS 79

DNS Government Hacking 79

WIRED Threat Level

JANUARY 20, 2019

Sharing is caring. But it's worth checking if your streaming accounts have picked up any suspicious stragglers along the way.

Accountability 97

Accountability 97

Advertisement

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Cybersecurity

Security Affairs

JANUARY 22, 2019

Expert discovered a remote code execution vulnerability in the APT package manager used by several Linux distributions, including Debian and Ubuntu. The independent security consultant Max Justicz has discovered a remote code execution vulnerability in the APT package manager used by several Linux distributions, including Debian and Ubuntu. The flaw, tracked as CVE-2019-3462, affects package manager version 0.8.15 and later, it could be exploited by an attacker in a MiTM position to execute arbi

Hacking 109

Hacking Advertising 109

Dark Reading

JANUARY 23, 2019

All government domain owners are instructed to take immediate steps to strengthen the security of their DNS servers following a successful hacking campaign.

DNS 92

DNS Government Hacking 92

Threatpost

JANUARY 22, 2019

Researchers show how rogue web applications can be used to attack vulnerable browser extensions in a hack that gives adversaries access to private user data.

Hacking 80

Hacking 80

WIRED Threat Level

JANUARY 25, 2019

Facebook's effort to combine its major chat platforms could create minefields for users who rely on end-to-end encryption.

Encryption 90

Encryption 90

Advertisement

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Cybersecurity