InfoSec Feed

This feed is in UTC time.

  • Why an increase in remote worker VPN use risks enterprise security
    on September 24, 2020 at 2:48 pm

    For many of us, our home has become our workplace over the past few months, and a full return to the office still appears a remote prospect. The COVID-19 pandemic has proved that employees from across different industries can work efficiently from home. A recent PwC Survey found that 84% of employees feel able to … The post Why an increase in remote worker VPN use risks enterprise security appeared first on IT Security Guru.

  • Microsoft warns hackers are actively targeting Zerologon vulnerability. Patch pronto!
    on September 24, 2020 at 2:02 pm

    If there are active attacks in the wild, if the DHS is ordering federal agencies to defend themselves, and if Zerologon is so easy to exploit, don't you think your business should be patching itself as soon as possible?

  • Since Remote Work Isn't Going Away, Security Should Be the Focus
    on September 24, 2020 at 2:00 pm

  • Instagram photo flaw could have helped hackers spy via users’ cameras and microphones
    on September 24, 2020 at 12:22 pm

    A critical vulnerability in Instagram's Android and iOS apps could have allowed remote attackers to run malicious code, snoop on unsuspecting users, and hijack control of smartphone cameras and microphones. Read more in my article on the Tripwire State of Security blog.

  • Government Services Firm Tyler Technologies Hit by Ransomware
    on September 24, 2020 at 12:03 pm

    Tyler Technologies, the self-proclaimed largest provider of US public sector software and technology services, is struggling with a cyberattack that disrupted many of its operations. As of yesterday, the official website tylertech.com is offline, and a maintenance notice greets users accessing the page: “Our Tyler Technologies corporate website is temporarily unavailable. We are aware of

  • SAP ASE leaves sensitive credentials in installation logs
    on September 24, 2020 at 12:00 pm

    SAP users should deploy the patches for Adaptive Server Enterprise (ASE) released last month because the server fails to clear credentials from persistent installation logs. Even though the credentials are encrypted or hashed, researchers warn that attackers can easily decrypt them to gain full access to a sensitive monitoring component. Previously known as Sybase SQL Server, the SAP Adaptive Server Enterprise (ASE) is a high-performance relational database with on-premise and cloud deployment options. The product is used by over 30,000 organizations worldwide, including over 90% of the world's top 50 banks.

  • Facebook removes over 150 accounts linked to Philippine military
    on September 24, 2020 at 11:02 am

    Facebook has removed several accounts linked to the Philippines military and police for breaching the social media platform’s government interference guidelines. A full investigation of these accounts was brought to Facebook’s attention after information was brought to them by Rappler, an independent news source in the Philippines. The operation has been linked back to those … The post Facebook removes over 150 accounts linked to Philippine military appeared first on IT Security Guru.

  • iPhone 12 scam pretends to be Apple “chatbot” – don’t fall for it!
    on September 24, 2020 at 10:59 am

    If you got someone else's "free offer" in what looked like a misdirected message, would you take a peek?

  • More than one in five UK employees have received COVID-19 phishing emails
    on September 24, 2020 at 10:43 am

    A report by Webroot has found that more than one in five UK employees (22%) have received a COVID-19 related phishing email. The Webroot survey gathered data from 7,000 office workers worldwide and found that employees are receiving 34% more emails than they were last year. The survey also showed that business needs to remain … The post More than one in five UK employees have received COVID-19 phishing emails appeared first on IT Security Guru.

  • Cybersecurity threats on the rise from COVID-19, study finds
    on September 24, 2020 at 10:29 am

    Netwrix has released its 2020 Cyber Threats Report aiming to understand the different threats industry professionals experience and how they respond to them, particularly in the time of COVID-19 with more employees working from home. The report outlines how 1 in 4 organisations feel they were exposed to more threats during the pandemic than they … The post Cybersecurity threats on the rise from COVID-19, study finds appeared first on IT Security Guru.

  • Major Instagram App Bug Could've Given Hackers Remote Access to Your Phone
    on September 24, 2020 at 10:22 am

    Ever wonder how hackers can hack your smartphone remotely? In a report shared with The Hacker News today, Check Point researchers disclosed details about a critical vulnerability in Instagram's Android app that could have allowed remote attackers to take control over a targeted device just by sending victims a specially crafted image. What's more worrisome is that the flaw not only lets attackers

  • Microsoft's Zerologon vulnerability fix: What admins need to know
    on September 24, 2020 at 10:00 am

    Microsoft recently released a patch (CVE-2020-1472) to fix a software issue in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC). As noted on a Secura blog, an unauthenticated attacker with network access to a domain controller could exploit this vulnerability, dubbed Zerologon, to compromise all Active Directory (AD) identity services. An attacker does not need credentials to gain privileges on the network, only access to the domain. Install this update on your domain controllers as soon as possible if you have not done so already.

  • Eli Lilly security finds strength in flexibility in WFH shift
    on September 24, 2020 at 10:00 am

    As executives throughout the United States scrambled to send employees home to work this past spring, Meredith Harper already had a roadmap for action.

  • ISC StormCast for Thursday, September 24th 2020
    on September 24, 2020 at 2:00 am

    Dynamic Malicious Word Document: https://isc.sans.edu/forums/diary/Malicious+Word+Document+with+Dynamic+Content/26590/
    Old Versions of SAMBA Affected by ZeroLogon Vulnerability: https://www.samba.org/samba/security/CVE-2020-1472.html
    Google Chrome Update: https://chromereleases.googleblog.com/2020/09/stable-channel-update-for-desktop_21.html
    QNAP Devices hit by AgeLocker Ransomware: https://www.bleepingcomputer.com/news/security/agelocker-ransomware-targets-qnap-nas-devices-steals-data/

  • Govt. Services Firm Tyler Technologies Hit in Apparent Ransomware Attack
    on September 23, 2020 at 11:06 pm

    Tyler Technologies, a Texas-based company that bills itself as the largest provider of software and technology services to the United States public sector, is battling a network intrusion that has disrupted its operations. The company declined to discuss the exact cause of the disruption, but their response so far is straight out of the playbook for responding to ransomware incidents.

  • Smashing Security podcast #197: Greedy bosses, game cheats, and virtual beheadings
    on September 23, 2020 at 11:05 pm

    Why are Zoom and Twitter making some people disappear? How are Counter-Strike: Global Offensive cheats getting their just desserts? And the founder of an anti cyber-fraud firm is charged with fraud. All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mark Stockley.

  • Gaming Industry Hit With 10B+ Attacks In Past Two Years
    on September 23, 2020 at 9:30 pm

    Criminals scored big with credential stuffing and web app attacks, yet many gamers seem unfazed.

  • Zerologon Patches Roll Out Beyond Microsoft
    on September 23, 2020 at 9:05 pm

    A Samba patch and a micropatch for end-of-life servers have debuted in the face of the critical vulnerability.

  • Shopify's Employee Data Theft Underscores Risk of Rogue Insiders
    on September 23, 2020 at 9:05 pm

    The e-commerce platform has alerted more than 100 merchants of a data breach, highlighting the danger of malicious insiders.

  • Google Cloud Debuts Threat-Detection Service
    on September 23, 2020 at 9:00 pm

    Lockdown economics are driving a threat-intelligence business boom. Chronicle Detect is Google's answer to monitoring so much log data created by the distributed workforce.

  • India's Cybercrime and APT Operations on the Rise
    on September 23, 2020 at 8:00 pm

    Growing geopolitical tensions with China in particular are fueling an increase in cyberattacks between the two nations, according to IntSights.

  • Gamer Credentials Now a Booming, Juicy Target for Hackers
    on September 23, 2020 at 7:45 pm

    Credential abuse drives illicit market for in-game rare skins, special weapons and unique tools.

  • Naval Gazing around the South China Sea, and other disinformation. LokiBot is back in a big way. Darknet merchants busted. Cyber rioting along the Blue Nile.
    on September 23, 2020 at 7:15 pm

    Facebook takes down coordinated inauthenticity. A ransomware-involved death is attributed to DoppelPaymer. CISA and the FBI warn of coming election disinformation. LokiBot is back in a big way. Operation DisrupTor collars a hundred-seventy Darknet contraband merchants. Joe Carrigan comments on the botched ransomware attack in Germany that led to a woman's death. Our guest is Matt Davey from 1Password on why single sign on isn’t a silver bullet for enterprise security. And patriotic hacktivism flares along the Blue Nile. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/9/185

  • Microsoft's Azure Defender for IoT Uses CyberX Tech
    on September 23, 2020 at 6:10 pm

    Azure Defender for IoT is built to help IT and OT teams discover IoT and OT assets, identify critical flaws, and detect malicious behavior.

  • Detecting and Preventing Critical ZeroLogon Windows Server Vulnerability
    on September 23, 2020 at 6:09 pm

    If you're administrating Windows Server, make sure it's up to date with all recent patches issued by Microsoft, especially the one that fixes a recently patched critical vulnerability that could allow unauthenticated attackers to compromise the domain controller. Dubbed 'Zerologon' (CVE-2020-1472) and discovered by Tom Tervoort of Secura, the privilege escalation vulnerability exists due to the

  • My Journey Toward SAP Security
    on September 23, 2020 at 6:00 pm

    When applications are critical to the business's core functions, the CISO and their staff better get the security right.

  • Making the Case for Medical Device Cybersecurity
    on September 23, 2020 at 5:15 pm

    With an increasing number of Internet-connected medical devices in use to manage diabetes, protecting against a variety of wireless network attacks could very well be a matter of life and death.

  • Critical Industrial Flaws Pose Patching Headache For Manufacturers
    on September 23, 2020 at 3:32 pm

    When it comes to patching critical flaws, industrial firms face various challenges - with some needing to shut down entire factories in order to apply updates.

  • CISA: LokiBot Stealer Storms Into a Resurgence
    on September 23, 2020 at 3:27 pm

    The trojan has seen a big spike in activity since August, the Feds are warning.

  • OldGremlin Ransomware Group Bedevils Russian Orgs
    on September 23, 2020 at 2:26 pm

    The cybercriminal group has plagued firms with ransomware, sent via spear phishing emails with COVID-19 lures, since March.

  • FBI, DHS Warn of 'Likely' Disinformation Campaigns About Election Results
    on September 23, 2020 at 2:20 pm

    Nation-state actors and cybercriminals could wage cyberattacks and spread false information about the integrity of the election results while officials certify the final vote counts.

  • 7 Non-Technical Skills Threat Analysts Should Master to Keep Their Jobs
    on September 23, 2020 at 2:00 pm

    It's not just technical expertise and certifications that enable analysts to build long-term careers in cybersecurity.

  • Rushed test and trace services put consumer privacy and health at risk
    on September 23, 2020 at 1:37 pm

    Since its launch in late May, the UK government’s Test and Trace service has been contentious. Not only has its efficacy been thrown into question by reports it’s failing to contact thousands who may have contracted COVID-19, but the Department of Health has also been forced to admit it launched the initiative without accounting for … The post Rushed test and trace services put consumer privacy and health at risk appeared first on IT Security Guru.

  • People who have WOWED us over 25 years
    on September 23, 2020 at 1:03 pm

    Yvonne Eskenzi, founder and director of Eskenzi PR & Marketing celebrates 25 years in business with a series of discussions with experts and trailblazers of the cybersecurity industry. Episode 2, Yvonne talks with Stu Sjouwerman Founder and CEO of KnowBe4 about what drives him to succeed, the job role Director of Shenanigans, and how to … The post People who have WOWED us over 25 years appeared first on IT Security Guru.

  • Bad Actors Could Exploit US Mail-In Voting System, FBI and CISA Warn
    on September 23, 2020 at 12:50 pm

    A joint statement released by the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday warns that foreign actors and cybercriminals are likely to exploit this year’s US mail-in voting system to spread disinformation about the 2020 elections. “The increased use of mail-in ballots due to COVID-19 protocols could leave officials with incomplete

  • Rogue Shopify staff accessed customer records, says ecommerce platform investigating security breach
    on September 23, 2020 at 12:42 pm

    Shopify, the major ecommerce platform which powers many online stores, has revealed that it suffered a serious breach of security at the hands of two rogue employees. Read more in my article on the Hot for Security blog.

  • (ISC)2 study reveals vastly improved perceptions about cybersecurity professionals
    on September 23, 2020 at 12:07 pm

    Today, (ISC)² has released the findings of their 2020 Cybersecurity Perception Study, which gives the opinions of 2,500 men and women working in cybersecurity from the UK and US. Overall, the research outlines a positive change in attitude towards working in the industry. This report comes at an important time as we close in on … The post (ISC)2 study reveals vastly improved perceptions about cybersecurity professionals appeared first on IT Security Guru.

  • The dangers of ‘dark’ data in M&A deals
    on September 23, 2020 at 11:41 am

    It’s a fact perhaps not so widely known that 40% of acquiring companies going through an M&A discovered a cybersecurity problem during the post-acquisition integration. What this would indicate is that acquirers aren’t being given the right information about the data security in the company they are buying. That’s pretty shocking considering the level of … The post The dangers of ‘dark’ data in M&A deals appeared first on IT Security Guru.

  • 12 Bare-Minimum Benchmarks for AppSec Initiatives
    on September 23, 2020 at 11:30 am

    The newly published Building Security in Maturity Model provides the software security basics organizations should cover to keep up with their peers.

  • The Invisible Risk
    on September 23, 2020 at 11:13 am

    If you haven’t seen this video on attention, please do so, it’s just over a minute long. The video is by Christopher Chabris and Daniel Simons, both authors of the book, “The Invisible Gorilla,” in which they reveal the numerous ways our intuitions can deceive us. In essence, much like we react to the video above, we … The post The Invisible Risk appeared first on IT Security Guru.

  • Europol: “The Hidden Internet Is No Longer Hidden, and Your Anonymous Activity is Not Anonymous”
    on September 23, 2020 at 10:59 am

    Europol this week has announced the arrest of 179 vendors of illicit goods on the dark web, in a coordinated operation known as DisrupTor. According to the press release, operation DisrupTor follows the takedown of Wall Street Market, the world’s then second largest illegal online market in the dark web, which provided investigators with the

  • Russian cybergang targeting Russian businesses
    on September 23, 2020 at 10:22 am

    A newly identified cybercrime group has been repeatedly targeting Russian businesses with malware and ransomware as security firm Group-IB has found. Oleg Skulkin, Group-IB’s senior DFIR analyst states that “this is very unusual for Russian-speaking gangs who have this unspoken rule about not working within Russia and post-Soviet countries.” The group go by the name … The post Russian cybergang targeting Russian businesses appeared first on IT Security Guru.

  • Long Island hospital experiences data breach
    on September 23, 2020 at 10:21 am

    Stony Brook University Hospital recently issued a warning to patients about a ransomware attack which potentially exposed their personal data. Stony Brook University Hospital is the only tertiary care center and Regional Trauma Center in Long Island, and is just one of many recent hospitals to experience a data breach. The hospital contacted patients to … The post Long Island hospital experiences data breach appeared first on IT Security Guru.

  • Eyewear Giant Luxottica Confirms Ransomware Attack
    on September 23, 2020 at 10:06 am

    Luxottica, the world’s largest eyewear manufacturer, has suffered a ransomware attack that forced the company to shut down operations. According to Italian media outlets, operations at Luxottica plants in Agordo and Sedico were disrupted due to a significant computer system failure. Employees were sent home via an SMS announcing, “the second work shift of today

  • Two rogue employees cause Shopify breach
    on September 23, 2020 at 10:05 am

    The online e-commerce platform Shopify experienced a security breach caused by two rogue employees who accessed customer transaction details from merchants on the site. Shopify has estimated that under 200 of their one million online stores were affected by the breach. The breach is currently being investigated by the FBI and other law enforcement agencies … The post Two rogue employees cause Shopify breach appeared first on IT Security Guru.

  • Shaking off old public sector security perceptions at L&Q Group
    on September 23, 2020 at 10:00 am

    The public sector is traditionally known for being slow, bureaucratic, often underfunded, and full of legacy technology. But public sector organisations are evolving how they approach and deliver security to become more agile, keep costs down and reduce risks without increasing burdens on often under-resourced security teams.

  • Zerologon explained: Why you should patch this critical Windows Server flaw now
    on September 23, 2020 at 10:00 am

    On Friday, September 18, the US Cybersecurity and Infrastructure Security Agency (CISA) ordered all federal agencies to patch a critical privilege escalation flaw that affects Windows servers and could allow hackers to take over Windows networks. A patch has existed for the vulnerability — dubbed Zerologon — since August, but recently released technical details allowed hackers to create easy-to-use exploits. If your organization hasn't patched this flaw yet because Microsoft's original patch notes said exploitation was "less likely," you should do so immediately.

  • A New Hacking Group Hitting Russian Companies With Ransomware
    on September 23, 2020 at 9:07 am

    As ransomware attacks against critical infrastructure continue to spike in recent months, cybersecurity researchers have uncovered a new entrant that has been actively trying to conduct multistage attacks on large corporate networks of medical labs, banks, manufacturers, and software developers in Russia. The ransomware gang, codenamed "OldGremlin" and believed to be a Russian-speaking threat

  • ISC StormCast for Wednesday, September 23rd 2020
    on September 23, 2020 at 2:00 am

    Citrix ADC Updates: https://support.citrix.com/article/CTX281474
    Firefox Version 81 Released: https://www.mozilla.org/en-US/firefox/81.0/releasenotes/
    Simple Scan Drops Ransomware Risk: https://www.accesswire.com/607018/Corvus-Updates-Scan-Technology-with-RDP-Detection-Slashes-Ransomware-Claims-by-65
    iOS 14 Jailbreak: https://checkra.in/news/2020/09/iOS-14-announcement

Feed sources:

  • https://www.schneier.com/blog/atom.xml
  • https://nakedsecurity.sophos.com/feed/
  • https://krebsonsecurity.com/feed/
  • http://feeds.feedburner.com/GoogleOnlineSecurityBlog
  • https://www.darknet.org.uk/feed/
  • https://www.darkreading.com/rss_simple.asp
  • https://www.imperva.com/blog/feed/
  • https://www.csoonline.com/index.rss
  • http://feeds.feedburner.com/TheHackersNews
  • https://taosecurity.blogspot.com/feeds/posts/default
  • https://technet.microsoft.com/en-us/security/rss/advisory
  • https://podcasts.files.bbci.co.uk/b01n7094.rss
  • https://labsblog.f-secure.com/feed/
  • https://dfirblog.wordpress.com/feed/
  • https://www.us-cert.gov/ncas/alerts.xml
  • https://threatpost.com/feed/
  • https://www.fireeye.com/blog/threat-research/_jcr_content.feed
  • https://feeds.feedburner.com/CiscoBlogThePlatform
  • http://feeds.feedburner.com/GrahamCluleysBlog
  • http://feeds.feedburner.com/TroyHunt
  • http://blogs.securiteam.com/index.php/feed
  • https://www.secureworks.com/rss?feed=blog
  • https://hotforsecurity.bitdefender.com/feed
  • http://www.itsecurityguru.org/feed/
  • https://blogs.technet.microsoft.com/msrc/feed/
  • https://blogs.technet.microsoft.com/mmpc/feed/

Have more RSS feeds to add to the list? Contact me. Thanks!