In today’s uncertain world, a new approach to enterprise security is needed—a smart-centric approach. In this virtual event, we will explore how intelligence can give defenders visibility to make faster, smarter, and more confident decisions.
With rich and thought-provoking keynote speeches and more than 40 group discussions, Predict will change your perspective on network security.
CyberWire is pleased to announce that Microsoft Security’s popular podcast “Security Unlocked” is joining the rapidly growing CyberWire podcast network. Every week, the presenters Nic Fillingham and Natalia Godyla examine the latest innovations in threat intelligence, security research, and data science, with a special focus on the use of artificial intelligence and machine learning in cybersecurity.
The Australian Cyber Security Centre warned of the imminent surge in LockBit 2.0 ransomware and provided recommendations on reducing risks. LockBit is an affiliate program offered through the Russian language crime market; it is known for using double blackmail.
Zimperium describes an emerging Android Trojan “Flytrap” that has been active in “at least” one hundred and forty countries/regions since March, almost everywhere without any difference. Flytrap is believed to be the work of the Vietnamese gang, and it works through infected apps. The malicious application was originally distributed via Google Play, but was removed from the store after detection. They are now distributed in third-party stores, and the bait includes coupon discounts and opportunities for fans to vote in sports polls. Once installed Flytrap hijacks the victim’s Facebook account.
BadPackets has observed active scanning for vulnerabilities in Arcadyan Buffalo routers. The flaws discovered and disclosed by Tenable may allow unauthorized remote participants to bypass authentication. Juniper Networks has confirmed that these vulnerabilities are actually being widely exploited.
Symantec last week described a campaign aimed at infrastructure goals in Southeast Asia, which lasted from November to March. This unnamed country, which appears to be Chinese intelligence gathering and reconnaissance work, has seen an invasion of water, electricity, communications and defense companies. Threat actors seem to be interested in SCADA systems.
Apple announced child protection features that have raised suspicions from privacy advocates because these measures involve scanning iCloud content for offensive material.
Looking for a complex and difficult to remember password? The NCSC in the United Kingdom recommends using three random words instead.
Today’s issues include events affecting Australia, Canada, China, Denmark, India, Iran, Israel, Nigeria, Norway, Russia, Sweden, the United Arab Emirates, the United Kingdom, and the United States.
VPNs are often used to securely connect to remote sites and allow employees to work from home. However, today’s VPN implementation has limitations, which come from the use of private IP addresses or CGNAT by ISPs and mobile operators. The patent-pending Roqos OmniVPNTM eliminates these restrictions and provides Click & Connect VPN connections through any network access within minutes. OmniVPNTM is suitable for laptops, mobile phones and all Roqos Core devices. These devices also provide cloud management, automatically updated network security and real-time alerts.
Hackers target critical infrastructure in Southeast Asia (GovInfoSecurity) As part of cyber espionage, an unidentified hacker group associated with China is targeting critical infrastructure in Southeast Asia
Critical infrastructure organizations in Southeast Asia have become the target of espionage (Symantec). Attackers have extensively used off-the-ground survival technology in their activities that lasted for several months.
Chinese hackers attacked American companies with the support of their own government: Cybereason-El Financiero (The Daily Guardian) The state-backed Chinese hacker organization infiltrated at least five global telecommunications companies and stole phone records and location data.
FlyTrap Android malware compromises thousands of Facebook accounts (Zimperium Mobile Security Blog) A new Android Trojan code-named FlyTrap has attacked at least 140 countries and thousands of victims have lost control of their social media accounts .
New DNS attacks enable “national spies” through domain registration (SecurityWeek). A new DNS attack method involving the use of specific names to register domains can be used for what researchers describe as “national spies.”
The Australian cyber security agency warns of a surge in LockBit ransomware attacks (The Record by Recorded Future) The Australian cyber security agency issued a security advisory on Friday warning of a sudden surge in LockBit ransomware attacks across the country.
Australia’s LockBit 2.0 Ransomware Incident (ACSC) ACSC has received reports from many Australian organizations affected by LockBit 2.0 ransomware. This activity took place in multiple industry sectors. The victim has received a request to pay the ransom. In addition to data encryption, the victim also received the threat that the data stolen in the incident will be made public.
Golang Cryptomining Worm provides a 15% speed increase (Threatpost) The latest variant of Monero mining malware exploits known web server vulnerabilities and improves the efficiency of the mining process.
Microsoft Exchange Server: Threat actors actively scan for ProxyShell vulnerabilities. Researchers warn (calculated) that ProxyShell is a set of three security vulnerabilities that Microsoft has resolved, but not all instances have been patched
IIStealer: Server-side threats to e-commerce transactions (WeLiveSecurity) ESET research focuses on IIStealer, a previously undocumented IIS web server threat that intercepts server transactions to steal credit card information.
Dissecting native IIS malware (WeLiveSecurity) ESET researchers have released a white paper and a series of articles that put the IIS web server threats against government and e-commerce under the microscope.
In a recent test, AI-written phishing emails are better than humans (wired). Researchers found that tools like OpenAI’s GPT-3 help to produce extremely effective spear-phishing emails.
Routers and modems running Arcadyan firmware are attacked (Recorded Future’s records) Routers and modems running Arcadyan firmware versions, including devices from ASUS, Orange, Vodafone, and Verizon, are currently being attacked by threat actors trying to trap them. DDoS botnet.
Researchers discovered in macOS privacy protection (dark reading) that a major vulnerability attack requires code execution on the system, but it frustrated Apple’s method of protecting private data and system files.
Unexpected risks of Apple’s child protection feature (Avast) Privacy advocates are concerned that the new features that Apple has created to combat child sexual abuse materials may have serious unintended consequences.
The defects in the John Deere system show the cyber risks of agriculture (BankInfoSecurity) The defects found in the tractor manufacturer John Deere system highlight the cyber risks that accompany the increase in high-tech agricultural productivity. John
Israeli internet company detects serious Amazon security breach (Jerusalem Post) Israeli internet security provider Check Point found that by clicking on an e-book infected with malware, users may lose control of their Kindle tablet and Amazon account.
The motherboard supplier Gigabyte was attacked by the RansomExx ransomware group (recording future records) Taiwan’s computer hardware supplier Gigabyte was attacked by ransomware. Hackers are currently threatening to publish more than 112 GB of commercial data on the dark web unless the company agrees to their ransom demand.
Officials confirmed that the (Chalkbeat New York) data breach affected approximately 3,000 students and 100 employees in New York City. At least one student managed to access Google Drive, which contains private information about students and department employees in the city.
CERT-RO: Detected phishing attacks against Romanian bank customers (ACT Media) Internet security service provider ProDefence provided several phishing samples to the national cybersecurity incident response team CERT-RO, as seen in the attack…
DEO security measures (WKMG) blocked thousands of unemployment accounts in Florida. Thousands of state unemployment accounts were locked without warning this week in response to potential data breaches.
Ivanti releases Pulse Connect Secure (CISA) security update Ivanti released Pulse Connect Secure system software version 9.1R12 to address multiple vulnerabilities that attackers can use to control affected systems. CISA encourages users and administrators to review Ivanti’s security bulletin SA44858 and apply the necessary updates.
Critical code execution vulnerabilities patched in Pulse Connect Secure (SecurityWeek) Ivanti has issued patches for multiple vulnerabilities in its Pulse Connect Secure VPN devices, including a critical issue that can be exploited to execute arbitrary code with root privileges.
Black hat: Microsoft’s Windows Hello bypass vulnerability patch is problematic, the researcher said (Threatpost) Researchers showed how to use a deceptive USB camera to bypass Microsoft’s Windows Hello biometric authentication.
Apple has fixed an AWDL error that can be used to escape the air gap network (The Record by Recorded Future) Apple has fixed a leak in the Apple Wireless Direct Link (AWDL) technology in the air gap network.
Apple’s new “Child Safety” program and slippery slope (daring fireball) stakes are very high, and Apple knows this. No matter what you think of Apple’s decision to implement these features, they will not take it lightly.
Apple Privacy Letter: An open letter (Appleprivacyletter.com) against Apple’s privacy-infringing content scanning technology. Read and sign the open letter to protest that Apple’s new content scanning technology may overturn personal privacy on a global scale and reverse everyone’s Progress made in end-to-end encryption.
Facebook’s WhatsApp targets Apple’s child safety software project (Wall Street Journal). Facebook’s messaging department criticized Apple’s plan to monitor children’s sexually exploited images on the iPhone, arguing that this is harmful to privacy and opened up new ground in the battle between the two tech giants Front.
Apple defends its new anti-child abuse technology in response to privacy issues (MIT Technology Review) Apple’s new anti-abuse technology has attracted criticism and praise by scanning directly on the iPhone.
The 4 things I learned at Black Hat 2021 (VentureBeat) In terms of cyber security, the fate of private companies is now irreversibly intertwined with the fate of the government.
Patients cited Vax credentials (health IT security) concerns about privacy and network security. A new public opinion survey shows that Americans have doubts about the network security of digital vaccine cards.
Hospitals lag behind other companies in cybersecurity risk ratings (Healthcare IT News) A study published this week in the Journal of the American Medical Informatics Association found that hospitals with lower cybersecurity ratings are more likely to experience data breaches. The study also compared hospital cybersecurity ratings with Fortune 1000 companies and found that health systems are still statistically more vulnerable to attacks from botnets, spam, and malware.
Military personnel are the most common victims of identity theft (Federal News Network) Military fraud has become a big business, and it is one of the fastest growing areas of cybercrime.
Nordic companies seek help from ransomware programs (Business Wire) ISG (Nasdaq: III) stated that in the face of a sharp increase in cyber attacks, Nordic companies are turning to cyber security providers to help prevent intrusions.
Mixed workforce needs to deploy network security (MENAFN) from day one. Mixed workforce has now become a permanent reality for most companies. The sudden outbreak of the pandemic and related shutdowns have made the organization
Large technology call center employees face pressure to accept home monitoring (NBC News) An employee of one of the world’s largest call center companies said that additional monitoring would violate the privacy of their families at home.
As the FireEye sales approach (CRN), Mandiant has established a partnership with Microsoft. As the FireEye product business approaches, Mandiant has achieved success in packaging its managed detection and response services around Microsoft’s endpoint security technology.
Dave DeWalt wants to build more cybersecurity unicorns (The Record by Recorded Future) Former McAfee and FireEye CEO Dave DeWalt is accumulating one of the fastest growing cybersecurity investment war funds.
This is why Mike Janke, the founder of DataTribe, said that so many online companies have been acquired. (Baltimore Business Journal) DataTribe co-founder Mike Janke said that instead of spending years and millions of dollars trying to build new cybersecurity tools, it’s better to say there are Competent companies are rapidly acquiring and establishing young Internet companies that are already developing the required technologies.
Post time: Aug-10-2021