Google denies illegally slurping data off free student Chromebooks
on February 25, 2020 at 11:22 am
Nonsense! says Google in response to a lawsuit filed by New Mexico's AG, which accuses Google of violating COPPA's child privacy laws.
8 mobile security threats you should take seriously in 2020
on February 25, 2020 at 11:00 am
Mobile security is at the top of every company's worry list these days — and for good reason: Nearly all workers now routinely access corporate data from smartphones, and that means keeping sensitive info out of the wrong hands is an increasingly intricate puzzle. The stakes, suffice it to say, are higher than ever: The average cost of a corporate data breach is a whopping $3.86 million, according to a 2018 report by the Ponemon Institute. That's 6.4 percent more than the estimated cost just one year earlier. [ Learn how SandBlast Mobile simplifies mobile security. | Get the latest from CSO by signing up for our newsletters. ]To read this article in full, please click here
New OpenSMTPD RCE Flaw Affects Linux and OpenBSD Email Servers
on February 25, 2020 at 10:54 am
OpenSMTPD has been found vulnerable to yet another critical vulnerability that could allow remote attackers to take complete control over email servers running BSD or Linux operating systems. OpenSMTPD, also known as OpenBSD SMTP Server, is an open-source implementation of the Simple Mail Transfer Protocol (SMTP) to deliver messages on a local machine or to relay them to other SMTP servers.
Why Minimizing Human Error is the Only Viable Defense Against Spear Phishing
on February 25, 2020 at 10:37 am
Phishing attacks have become one of the business world's top cybersecurity concerns. These social engineering attacks have been rising over the years, with the most recent report from the Anti-Phishing Working Group coalition identifying over 266,000 active spoofed websites, which is nearly double the number detected during Q4 2018. Hackers have evolved their methods, from regular phishing
Data from nearly 60 apps vulnerable to Racoon Malware
on February 25, 2020 at 10:34 am
An infostealing malware that is relatively new on cybercriminal forums can extract sensitive data from about 60 applications on a targeted computer. The malware scene is constantly changing and what used to be top of the line a few years ago is now available for a modest price by comparison and a much richer set The post Data from nearly 60 apps vulnerable to Racoon Malware appeared first on IT Security Guru.
Federal Data Protection Agency Proposed by New U.S Legislation
on February 25, 2020 at 10:33 am
The United States lags behind much of the world in having yet to establish some sort of a data protection agency at the national level. Several attempts at federal data privacy standards have been floated in recent years, but failed to gather traction. Senator Kirsten Gillibrand is taking another pass at the issue, but is The post Federal Data Protection Agency Proposed by New U.S Legislation appeared first on IT Security Guru.
Victim’s Data could be exposed on DoppelPaymer Ransomware site
on February 25, 2020 at 10:32 am
The operators of the DoppelPaymer Ransomware have launched a site that they will use to shame victims who do not pay a ransom and to publish any files that were stolen before computers were encrypted. A new extortion method started by the Maze Ransomware is to steal files before encrypting them and then use them The post Victim’s Data could be exposed on DoppelPaymer Ransomware site appeared first on IT Security Guru.
New Cisco security platform
on February 25, 2020 at 10:30 am
Managing complex multivendor environments is a reality for companies today — and it’s become chief information security officers’ (CISO) worst enemy. To help solve this problem, Cisco has developed SecureX, a cloud-native platform that increases the productivity of security teams. SecureX unifies visibility, identifies unknown threats, and automates workflows to strengthen customers’ security across The post New Cisco security platform appeared first on IT Security Guru.
New Malware Hides Traffic Using DNS
on February 25, 2020 at 10:29 am
A new backdoor malware called Mozart is using the DNS protocol to communicate with remote attackers to evade detection by security software and intrusion detection systems. Typically when a malware phones home to receive commands that should be executed, it will do so over the HTTP/S protocols for ease of use and communication. Source: Bleeping The post New Malware Hides Traffic Using DNS appeared first on IT Security Guru.
Handling Huge Traffic Spikes with Azure Functions and Cloudflare
on February 25, 2020 at 8:19 am
Presently sponsored by: 1Password is a secure password manager and digital wallet that keeps you safe onlineBack in 2016, I wrote a blog post about the Martin Lewis Money show featuring HIBP and how it drove an unprecedented spike of traffic to the service, ultimately knocking it offline for a brief period of time. They'd given me a heads up as apparently, that's what the program
Wanted: Hands-On Cybersecurity Experience
on February 25, 2020 at 7:00 am
Organizations lament a lack of qualified job candidates as they continue to struggle to hire and retain security teams, the new ISACA State of Cybersecurity 2020 report shows.
Verizon: Attacks on Mobile Devices Rise
on February 25, 2020 at 6:40 am
Companies of all sizes are being hit by mobile attacks and feeling the effects for extended periods of time, according to the 2020 Verizon Mobile Security Index.
ISC StormCast for Tuesday, February 25th 2020
on February 25, 2020 at 3:00 am
ScrollToTextFragment Privacy Concerns in Google Chrome 80https://github.com/WICG/ScrollToTextFragment/issues/76#issue-538137989https://docs.google.com/document/d/1YHcl1-vE_ZnZ0kL2almeikAj2gkwCq8_5xwIae7PVik/edit#heading=h.uoiwg23pt0tx Another OpenSMTPD Vulnerabilityhttps://github.com/OpenSMTPD/OpenSMTPD/releases WhatsApp Group Invite Links in Search Engineshttps://twitter.com/JordanWildon/status/1230829082662842369
Security, Networking Collaboration Cuts Breach Cost
on February 24, 2020 at 11:10 pm
CISOs report increases in alert fatigue and the number of records breached, as well as the struggle to secure mobile devices in a new Cisco study.
Train to become a skilled Python coder for just $50
on February 24, 2020 at 10:23 pm
Python is one of the most widely used coding languages in the world. And, good news, it isn’t very difficult to learn — especially for those experienced using other platforms. If you want an introduction to the language, but would rather avoid a traditional college education, then give The Complete 2020 Python Programming Certification Bundle a try.To read this article in full, please click here
Apple Takes Heat Over ‘Vulnerable’ iOS Cut-and-Paste Data
on February 24, 2020 at 9:49 pm
Software developer builds a malicious proof-of-concept iOS app that can read data temporarily saved to the device’s clipboard.
Reactions to allegations in Georgia’s October cyber incidents. Commodification of spamming kit. Satellite vulnerabilities. Election security. FISA reauthorization? Mr. Assange’s extradition. RSAC 2020.
on February 24, 2020 at 8:54 pm
The EU condemns Russian cyberattacks on Georgia, and Russia says Russia didn’t do it--it’s all propaganda. Skids can buy spamming tools for less than twenty bucks. Satellite constellations offer an expanding attack surface. Amid continuing worries about US election security, the question of Russian trolling or home-grown American vitriol arises in Nevada (but the smart money’s on the U S of A). FISA reauthorization is coming up. And hello from RSAC 2020. Joe Carrigan from JHU ISI on SIM swappers targeting carrier employees, guest is Erez Yalon from Checkmarx on the recently published OWASP API Security Top Ten list. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/February/CyberWire_2020_02_24.html Support our show
Calling for security research in Azure Sphere, now generally available
on February 24, 2020 at 7:54 pm
Today, Microsoft released Azure Sphere into General Availability (GA). Azure Sphere’s mission is to empower every organization on the planet to connect and create secured and trustworthy IoT devices. Azure Sphere is an end-to-end solution for securely connecting existing equipment and for creating new IoT devices with built-in security. The solution includes hardware, OS, and … Calling for security research in Azure Sphere, now generally available Read More » The post Calling for security research in Azure Sphere, now generally available appeared first on Microsoft Security Response Center.
Ransomware Against the Machine: How Adversaries are Learning to Disrupt
Industrial Production by Targeting IT and OT
on February 24, 2020 at 6:58 pm
SSRF 101: How Server-Side Request Forgery Sneaks Past Your Web Apps
on February 24, 2020 at 5:50 pm
Server-side request forgery is a dangerous attack method that is also becoming an issue for the cloud. Here are some of the basics to help keep your Web server from turning against you.
Enterprise Cloud Use Continues to Outpace Security
on February 24, 2020 at 5:30 pm
Nearly 60% of IT and security pros say deployment of business services in the cloud has rushed past their ability to secure them.
Zyxel Fixes 0day in Network Storage Devices
on February 24, 2020 at 5:13 pm
Networking hardware vendor Zyxel today released an update to fix a critical flaw in many of its network attached storage (NAS) devices that can be used to remotely commandeer them. The patch comes 12 days after KrebsOnSecurity alerted the company that precise instructions for exploiting the vulnerability were being sold for $20,000 in the cybercrime underground. Based in Taiwan, Zyxel Communications Corp. (a.k.a "ZyXEL") is a maker of networking devices, including Wi-Fi routers, NAS products and hardware firewalls. The company has roughly 1,500 employees and boasts some 100 million devices deployed worldwide. While in many respects the class of vulnerability addressed in this story is depressingly common among Internet of Things (IoT) devices, the flaw is notable because it has attracted the interest of groups specializing in deploying ransomware at scale.
on February 24, 2020 at 5:00 pm
The Digital World is full of unintended consequences. Aleks finds out what happened when an influx of bitcoin miners descended like electricity devouring locusts on the snowy little town of Plattsburgh NY. Depending what day it is maintaining the bitcoin network can take the same amount of energy as consumed by the whole country of Switzerland. These crypto currencies quite literally turn electricity into money but electricity costs, so all over the globe there are itinerant bitcoin miners like the prospectors of old in search deep veins of cheap power to refine into digital gold And so when it became known that the little town of Plattsburgh on the US/Canadian border had just about the cheapest electricity on the continent the miners flocked there from as far away Puerto Rico. At its height you couldn’t walk down the street without feeling the heat and the din of servers churning away in hastily converted strip malls. But it was it a bonanza for the locals? Aleks finds out.
Securonix Announces New Analytics Sandbox Capability
on February 24, 2020 at 4:19 pm
Securonix, Inc. today announced the launch of the Securonix Analytics Sandbox capability, which provides an isolated test or QA environment within the production setup. This enables security operations teams to test, tune, and validate new use cases prior to pushing them to live production. “Security operations teams are in a catch 22 – they must The post Securonix Announces New Analytics Sandbox Capability appeared first on IT Security Guru.
Solving the Cloud Data Security Conundrum
on February 24, 2020 at 3:00 pm
Trusting the cloud involves a change in mindset. You must be ready to use runtime encryption in the cloud.
Attackers Use SMS Phishing to Steal Credentials and Install Emotet Malware
on February 24, 2020 at 2:29 pm
Researchers have discovered a new SMS phishing campaign targeting mobile numbers in the United States aiming to steal online banking credentials and install the Emotet malware wherever possible. SMS phishing campaigns, also known as smishing, follows a straightforward recipe. Victims receive an SMS message with an embedded link, sending them to a malicious site. Sometimes,
Latest Security News from RSAC 2020
on February 24, 2020 at 2:00 pm
Check out Dark Reading's updated, exclusive coverage of the news and security themes that are dominating RSA Conference 2020 in San Francisco.
Data Breach Occurs at Agency in Charge of Secure White House Communications
on February 24, 2020 at 1:37 pm
A leak at the Defense Information Systems Agency exposed personal information of government employees, including social security numbers.
KidsGuard stalkerware leaks data on secretly surveilled victims
on February 24, 2020 at 1:28 pm
The company left a server open and unprotected, regurgitating private data slurped from thousands of surveilled people, including children.
Russia Is Trying to Tap Transatlantic Cables
on February 24, 2020 at 12:27 pm
The Times of London is reporting that Russian agents are in Ireland probing transatlantic communications cables. Ireland is the landing point for undersea cables which carry internet traffic between America, Britain and Europe. The cables enable millions of people to communicate and allow financial transactions to take place seamlessly. Garda and military sources believe the agents were sent by the...
Google purges 600 Android apps for “disruptive” pop-up ads
on February 24, 2020 at 12:26 pm
These apps plunk ads in front of us when we're trying to do something else, often leading to inadvertent ad clicks and much cursing.
US defense IT agency says data breach may have affected 200,000 people
on February 24, 2020 at 12:13 pm
The Defense Information Systems Agency (DISA), which handles IT and telecommunications support for the White House and U.S. military troops, has disclosed a data breach that may have affected 200,000 people between May and July 2019. According to a letter sent by the U.S. defense agency to victims, Social Security numbers and other personal information
BrandPost: Modern Networks Require High-Performance Internal Segmentation
on February 24, 2020 at 11:59 am
Today’s businesses run on applications, services, and workflows that need to travel laterally across the extended network without interruption. To keep up with these demands, organizations are having to radically redesign their networks, including the addition of dynamic multi-cloud environments, hyperscale data centers, and next-gen branch offices, along with the retooling of the core network itself.To meet the demands of speed and agility that digital innovation requires, businesses are creating flatter and more open networks, allowing data to flow across and between the data center and the multi-cloud and out to core network, branch, and mobile devices and users. Driving this change even further is the explosive adoption of IoT, with each device producing growing volumes of data and consuming applications.To read this article in full, please click here
7 Tips to Improve Your Employees' Mobile Security
on February 24, 2020 at 11:55 am
Security experts discuss the threats putting mobile devices at risk and how businesses can better defend against them.
SSL/TLS certificate validity chopped down to one year by Apple’s Safari
on February 24, 2020 at 11:42 am
From 1 September 2020, Safari will no longer trust SSL/TLS certificates with more than a year on the clock.
Apple chops Safari’s TLS certificate validity down to one year
on February 24, 2020 at 11:42 am
From 1 September 2020, Safari will no longer trust SSL/TLS certificates with more than a year on the clock.
Tyler “Ninja” Blevins’ Twitter account hacked
on February 24, 2020 at 11:18 am
Fortnite star Tyler “Ninja” Blevins’ Twitter account is the latest high profile account to get taken over by hackers. After gaining control of Ninja’s Twitter account, the majority of the tweets were posted related to promoting the hacker’s Twitter account, telling Ninja’s followers to go and follow the account @OwenBreh – an account that The post Tyler “Ninja” Blevins’ Twitter account hacked appeared first on IT Security Guru.
Eight Google Play Store Apps found to contain ‘Haken’ malware
on February 24, 2020 at 11:17 am
Researchers identified eight malicious Android apps, mostly camera utilities, and children’s games, that were spreading a new data-stealing malware strain that also signs victims up for expensive premium services. The malware, named Haken, was found in apps is in the Google Play marketplace. Since it was discovered, victims have claimed that the malware signs them The post Eight Google Play Store Apps found to contain ‘Haken’ malware appeared first on IT Security Guru.
Lighthouse Pagespeed brought to Firefox
on February 24, 2020 at 11:16 am
Google has brought its popular Lighthouse extension used by over 400,000 users to Mozilla Firefox so that web developers can test the browser’s performance against submitted web pages. Lighthouse is an open-source tool for testing the performance of web pages through Google’s PageSpeed Insights API and was released as an extension for Google Chrome The post Lighthouse Pagespeed brought to Firefox appeared first on IT Security Guru.
New Chrome Feature Raises Concern
on February 24, 2020 at 11:15 am
With the release of Google Chrome 80, Google quietly slipped in a new feature that allows users to create a link directly to a specific word or phrase on a page. A Brave Browser researcher, though, sees this as a potential privacy risk and is concerned Google added it too quickly. Source: Bleeping Computer The post New Chrome Feature Raises Concern appeared first on IT Security Guru.
Trust ‘violated’ by data breach, say Slickwraps
on February 24, 2020 at 11:14 am
Slickwraps has revealed a data breach impacting over 850,000 user accounts, admitting its mistake in permitting customer records to become public. Slickwraps is an online store that offers skins for a variety of smartphones, tablets, gaming consoles, and laptops. Last week, the company said in a blog post that on February 21, Slickwraps discovered that The post Trust ‘violated’ by data breach, say Slickwraps appeared first on IT Security Guru.
Hottest new cybersecurity products at RSA Conference 2020
on February 24, 2020 at 11:00 am
RSAC 2020Image by ALLVISIONN / DonFiore / Getty ImagesTo read this article in full, please click here
Kali Linux explained: A pentester’s toolkit
on February 24, 2020 at 11:00 am
Kali Linux definitionTo read this article in full, please click here(Insider Story)
Monday review – the hot 25 stories of the week
on February 24, 2020 at 10:17 am
From malware attacks to malicious browser extensions - and everything in between. It's your weekly security roundup.
ISC StormCast for Monday, February 24th 2020
on February 24, 2020 at 3:35 am
Old Style Excel Macro Malwarehttps://isc.sans.edu/forums/diary/Maldoc+Excel+4+Macros+in+OOXML+Format/25830/ Simple But Efficient VBScript Obfuscationhttps://isc.sans.edu/forums/diary/Simple+but+Efficient+VBScript+Obfuscation/25828/ Let's Encrypt Beefs Up Validationhttps://letsencrypt.org/2020/02/19/multi-perspective-validation.html Google Play Store Joker / Clicken Malwarehttps://research.checkpoint.com/2020/android-app-fraud-haken-clicker-and-joker-premium-dialer/ Google Warns of Microsoft Edgehttps://www.heise.de/security/meldung/l-f-Google-findet-den-neuen-Edge-Browser-doof-und-unsicher-4665634.html
Rigging the game.
on February 23, 2020 at 6:00 am
*This is a rebroadcast from our Cyber Law and Policy show, Caveat.* Ben describes a decades-long global espionage campaign alleged to have been carried out by the CIA and NSA, Dave shares a story about the feds using cell phone location data for immigration enforcement, and later in the show our conversation with Drew Harwell from the Washington Post on his article on how Colleges are turning students’ phones into surveillance machines. Remember to subscribe to Caveat in your podcasting platform of choice. Links to stories: ‘The intelligence coup of the century’ RIGGING THE GAME Spy sting Federal Agencies Use Cellphone Location Data for Immigration Enforcement Thanks to our sponsor, KnowBe4.
All About SASE: What It Is, Why It's Here, How to Use It
on February 22, 2020 at 3:00 pm
Secure Access Service Edge is a new name for a known and growing architecture designed to strengthen security in cloud environments.
New vulnerabilities in PC sound cards.
on February 22, 2020 at 6:00 am
SafeBreach Labs discovered a new vulnerability in the Realtek HD Audio Driver Package, which is deployed on PCs containing Realtek sound cards. On this week's Research Saturday, our conversation with Itzik Kotler, who is Co-Founder and CTO at SafeBreach. The research can be found here: Realtek HD Audio Driver Package - DLL Preloading and Potential Abuses The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.
Friday Squid Blogging: 13-foot Giant Squid Caught off New Zealand Coast
on February 21, 2020 at 10:19 pm
It's probably a juvenile: Researchers aboard the New Zealand-based National Institute of Water and Atmospheric Research Ltd (NIWA) research vessel Tangaroa were on an expedition to survey hoki, New Zealand's most valuable commercial fish, in the Chatham Rise an area of ocean floor to the east of New Zealand that makes up part of the "lost continent" of Zealandia....
Emotet Malware Rears Its Ugly Head Again
on February 21, 2020 at 9:30 pm
A resurgence in Emotet malware may make it one of the most pervasive security threats of 2020.
Have more RSS feeds to add to the list? Contact me. Thanks!