Cyber security aggregate rss news

Cyber security aggregator - feeds history

image for Kaspersky Safe Kids  ...

 Products

Its been a while since my last post on new/updated products, so heres making up for that… Our Kompany mission is to protect any and all citizens of the digital world — anywhere and any-when — against all cyber-evil in all its many flavors, stripes and categories. And that of course includes protection of the   show more ...

worlds most vulnerable internet users — children. We firmly believe in advising kids on how to recognize potential threats on the internet, as well as how to conduct oneself properly on the internet in general. Then, hopefully, theres nothing embarrassing or even painful accompanying a child online for the rest of his/her life; after all, whatevers put on the internet stays there — forever. We do our bit in this in various ways; for example: with webinars, public speaking appearances, joint educational projects, books, cartoons, videos and research. And we also provide protection for kids with our parental-controls app — Kaspersky Safe Kids. Up and running several years already, the app is constantly improved and fine-tuned so as to better suit the particular needs of children and their parents when it comes to using digital devices safely. But it hasnt always been plain sailing for us: a couple years ago we had to… — get this: fight for the right to protect children with our app. Eh?! Indeed, we had to resort to legal action in connection with a certain famous apple-emblazoned company to prevent its using unfair competitive advantages for its own parental-controls function included in its mobile operating system. Still, as is our wont with legal battles, we won the antitrust case, and the functionality that wasnt permitted before was enabled; fairness, common sense and justice prevailed! Interested in how the Federal Antimonopoly Service case went? Then check out this, this and this. Ok — back to our fully-functional Safe Kids app. I think Ive already mentioned that we constantly improve it. Well let me tell you about the latest improvements… In the very latest version of the app for iOS weve expanded the functionality for parents — adding more features for supervising their offsprings online activity. Thus, parents (or guardians) can now more thoroughly filter undesirable online content as per specific categories, learn more about the preferences and interests of their children (in particular, by monitoring what YouTube videos are watched), and set screen-time limits. Here are a few screenshots of the interface for parents: Thus, as if by magic, the app can be used to transform (at least for now) YouTube into a useful — and more importantly, safe — educational and entertainment platform. And thats something to be applauded. But dont just take my word for it. Our apps been fully tested and recognized as rocking by various independent experts around the world. For example, based on the results of broad testing of parental control solutions in 2021, our Safe Kids was both approved and praised by the independent research institute AV-TEST GmbH: Fast forward to this year, and at the annual Mobile World Congress (MWC Barcelona 2022) Safe Kids was deemed the top parental-control solution in the Best of MWC 2022 awards. Oh yes. Oh nice. But we wont be stopping there; why would we? Well simply carry on tweaking and improving it. Sure, doing so is getting increasingly harder, as its near perfect as-is; but we will — somehow ). Stay tuned!

image for Feel Good Ukraine Tr ...

 Agriculture

The good news? John Deere bricked expensive farm equipment taken by thieving Russian troops. The bad news: those same remote access features could be used to launch crippling, large scale attacks on US farms. The post Feel Good Ukraine Tractor Story Highlights Ag Cyber Risk appeared first on The Security Ledger with   show more ...

Paul F. Roberts. Related StoriesDEF CON: Security Holes in Deere, Case IH Shine Spotlight on Agriculture Cyber RiskEpisode 235: Justine Bone of MedSec on Healthcare InsecurityEpisode 234: Rep. Jim Langevin on Cyber Policy in an Age of Political Polarization

 Companies to Watch

The Series B round was led by IVP with participation from BIG Labs, Unusual Ventures, Tiger Global Management, and several undisclosed angel investors. It takes the company's valuation to $450 million.

 Malware and Vulnerabilities

Since the include statement was buried deep down into the wp-settings.php file, it was easy to miss on a casual review. Additionally, because the include itself does not follow any malware patterns, it could be missed by malware scanners.

 Trends, Reports, Analysis

There may be a risk of retaliatory activity by threat actors supporting the Russian Federation, against organizations being leveraged to unwittingly conduct disruptive attacks against government, military, and civilian websites.

 Govt., Critical Infrastructure

The unit, formerly known as the cyber unit, will be renamed as the crypto assets and cyber unit and will continue to reside in the Division of Enforcement. It will also gain 20 additional team members, taking the unit's total headcount to 50.

 Breaches and Incidents

Transport for NSW has confirmed its Authorised Inspection Scheme (AIS) online application was impacted by a cyber incident in early April. The AIS authorizes examiners to inspect vehicles to ensure a minimum safety standard.

 Malware and Vulnerabilities

The threat group exfiltrates data prior to deploying ransomware and leaks the stolen information if a ransom is not paid. The group has demanded multi-million dollar ransoms from some victims.

 Feed

Ubuntu Security Notice 5390-2 - David Bouman discovered that the netfilter subsystem in the Linux kernel did not properly validate passed user register indices. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. David Bouman discovered that the netfilter subsystem in the   show more ...

Linux kernel did not initialize memory in some situations. A local attacker could use this to expose sensitive information.

 Feed

Red Hat Security Advisory 2022-1681-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.4 General Availability release images. This update provides security fixes, bug fixes, and updates container images. Issues addressed include bypass and traversal vulnerabilities.

 Feed

WannaCry ransomware looks for and executes DLLs in its current directory. Therefore, we can hijack a DLL to execute our own code in order to control and terminate the malware pre-encryption. The exploit DLL checks if the current directory is "C:WindowsSystem32" and if not we grab our process ID and terminate.   show more ...

We do not need to rely on hash signatures or third-party products, the malware vulnerability does the work for us. Endpoint protection systems and or antivirus can potentially be killed prior to executing malware, but this method cannot as there is nothing to kill the DLL that just lives on disk waiting. From a defensive perspective you can add the DLLs to a specific network share containing important data as a layered approach. All basic tests were conducted successfully in a virtual machine environment.

 Feed

REvil ransomware looks for and executes DLLs in its current directory. Therefore, we can potentially hijack a DLL to execute our own code in order to control and terminate the malware pre-encryption. The exploit dll will check if the current directory is "C:WindowsSystem32" and if not we grab our process ID   show more ...

and terminate. We do not need to rely on hash signature or third-party products as the malware vulnerability will do the work for us. Endpoint protection systems and or antivirus can potentially be killed prior to executing malware, but this method cannot as there is nothing to kill the DLL that just lives on disk waiting. From a defensive perspective you can add the DLLs to a specific network share containing important data as a layered approach. All basic tests were conducted successfully in a virtual machine environment.

 Feed

Conti ransomware looks for and executes DLLs in its current directory. Therefore, we can potentially hijack a DLL to execute our own code to control and terminate the malware pre-encryption. The exploit dll will check if the current directory is "C:WindowsSystem32". If not, we grab our process ID and terminate.   show more ...

We do not need to rely on hash signature or third-party products, the malware vulnerability will do the work for us. Endpoint protection systems and or antivirus can potentially be killed prior to executing malware, but this method cannot as there is nothing to kill the DLL that just lives on disk waiting. From a defensive perspective you can add the DLLs to a specific network share containing important data as a layered approach. All basic tests were conducted successfully in a virtual machine environment.

 Feed

Conti ransomware looks for and loads a DLL named "wow64log.dll" in WindowsSystem32. Therefore, we can drop our own DLL to intercept and terminate the malware pre-encryption. The exploit DLL will simply display a Win32API message box and call exit(). Our Conti.Ransom exploit DLL must export the   show more ...

"InterlockedExchange" function or it fails with an error. We do not need to rely on hash signature or third-party products, the malware vulnerability will do the work for us. Endpoint protection systems and or antivirus can potentially be killed prior to executing malware, but this method cannot as there is nothing to kill the DLL that just lives on disk waiting. From a defensive perspective you can add the DLLs to a specific network share containing important data as a layered approach. All basic tests were conducted successfully in a virtual machine environment.

 Feed

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

 Feed

Ubuntu Security Notice 5395-2 - USN-5395-1 fixed vulnerabilities in networkd-dispatcher. Unfortunately that update was incomplete and could introduce a regression. This update fixes the problem. It was discovered that networkd-dispatcher incorrectly handled internal scripts. A local attacker could possibly use this issue to cause a race condition, escalate privileges and execute arbitrary code.

 Feed

Red Hat Security Advisory 2022-1703-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.9.0 ESR. Issues addressed include a bypass vulnerability.

 Feed

Ubuntu Security Notice 5401-1 - Wenxiang Qian discovered that DPDK incorrectly checked certain payloads. An attacker could use this issue to cause DPDK to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that DPDK incorrectly handled inflight type messages. An attacker could possibly use this issue to cause DPDK to consume resources, leading to a denial of service.

 Feed

Ubuntu Security Notice 5402-1 - Elison Niven discovered that OpenSSL incorrectly handled the c_rehash script. A local attacker could possibly use this issue to execute arbitrary commands when c_rehash is run. Raul Metsma discovered that OpenSSL incorrectly verified certain response signing certificates. A remote   show more ...

attacker could possibly use this issue to spoof certain response signing certificates. This issue only affected Ubuntu 22.04 LTS.

 Feed

Red Hat Security Advisory 2022-1701-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.9.0 ESR. Issues addressed include a bypass vulnerability.

 Feed

Red Hat Security Advisory 2022-1708-01 - Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments.

 Feed

Red Hat Security Advisory 2022-1705-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.9.0 ESR. Issues addressed include a bypass vulnerability.

 Feed

Red Hat Security Advisory 2022-1709-01 - Red Hat Single Sign-On 7.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.5.2 serves as a replacement for Red Hat   show more ...

Single Sign-On 7.5.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a privilege escalation vulnerability.

 Feed

Red Hat Security Advisory 2022-1622-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.57.

 Feed

Red Hat Security Advisory 2022-1702-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.9.0 ESR. Issues addressed include a bypass vulnerability.

 Feed

Red Hat Security Advisory 2022-1704-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.9.0 ESR. Issues addressed include a bypass vulnerability.

 Feed

Red Hat Security Advisory 2022-1712-01 - Red Hat Single Sign-On 7.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.5.2 on RHEL 8 serves as a security patch for   show more ...

Red Hat Single Sign-On 7.5.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a privilege escalation vulnerability.

 Feed

Red Hat Security Advisory 2022-1711-01 - Red Hat Single Sign-On 7.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.5.2 on RHEL 7 serves as a security patch for   show more ...

Red Hat Single Sign-On 7.5.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a privilege escalation vulnerability.

 Feed

Ubuntu Security Notice 5400-2 - USN-5400-1 fixed several vulnerabilities in MySQL. This update provides the corresponding update for Ubuntu 16.04 ESM. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated in Ubuntu 16.04 ESM to MySQL 5.7.38.

 Feed

A growing number of threat actors are using the ongoing Russo-Ukrainian war as a lure in various phishing and malware campaigns, even as critical infrastructure entities continue to be heavily targeted. "Government-backed actors from China, Iran, North Korea and Russia, as well as various unattributed groups, have used various Ukraine war-related themes in an effort to get targets to open

 Feed

The U.S. Securities and Exchange Commission (SEC) on Tuesday announced that it will expand and rebrand its Cyber Unit to fight against cyber-related threats and protect investors in cryptocurrency markets. To that end, the SEC is renaming the Cyber Unit within the Division of Enforcement to Crypto Assets and Cyber Unit and plans to infuse 20 additional positions with the goal of investigating

 Feed

An elusive and sophisticated cyberespionage campaign orchestrated by the China-backed Winnti group has managed to fly under the radar since at least 2019. Dubbed "Operation CuckooBees" by Israeli cybersecurity company Cybereason, the massive intellectual property theft operation enabled the threat actor to exfiltrate hundreds of gigabytes of information. Targets included technology and

 Feed

A pre-authenticated remote code execution vulnerability has been disclosed in dotCMS, an open-source content management system written in Java and "used by over 10,000 clients in over 70 countries around the globe, from Fortune 500 brands and mid-sized businesses." The critical flaw, tracked as CVE-2022-26352, stems from a directory traversal attack when performing file uploads, enabling an

 Feed only

Graham Cluley Security News is sponsored this week by the folks at Keeper Security. Thanks to the great team there for their support! The mass migration to distributed work presented IT and DevOps teams with new challenges as they were forced to perform infrastructure monitoring and management remotely. IT and DevOps   show more ...

personnel needed a secure, … Continue reading "Keeper Connection Manager : Privileged access to remote infrastructure with zero-trust and zero-knowledge security"

 Home + Mobile

Passwords have become a common way to access and manage our digital lives. Think of all the accounts you have with different providers. Having a password allows you to securely access your information, pay bills or connect with friends and family on various platforms. However, having a password alone is not enough.   show more ...

Your password for each of your accounts needs to be difficult to guess and unpredictable. Your passwords also need to be managed and protected. With World Password Day around the corner, it’s important to take a moment and reflect on the importance of strengthening our digital hygiene beginning with our passwords. When it comes generating a password, most of us rely on things that we can remember. A birth date, a pet’s name or our favorite sports team. While these options make it easier for us to recall our passwords, it also makes it far simpler for a cybercriminal to uncover them too. With all of the information we are freely sharing online through our social media platforms, a cybercriminal can easily spend a very small amount of time researching our habits, connections and other elements of our lives to guess potential passwords and gain access to our information. That’s why maintaining password integrity helps protect our online lives and reduces the risk of becoming a victim of identity theft or data loss. What is password integrity? Think of the foundation of a building. To prevent the building from collapsing in the future causing serious harm, it needs to be built with certain principles in mind. Password integrity involves the same concept. Passwords are the foundation of our digital lives. If they aren’t secure or properly managed, we run the risk of falling victim to cybercriminals who are eager to access our personal data. Predicable passwords are problematic for several reasons. If your passwords follow the standard guidelines offered by most sites that require a single capital letter, at least 6 charters, numbers and one special character, hackers can easily make a series of attempts to try and gain access. Without proper password integrity, personal information and business data may be at risk. The impacts for businesses and consumers are enormous. The average cost of a data breach in 2021 rose to over 4 million dollars, increasing 10% from 2020. For some small to medium-sized (SMBs) businesses, this means incurring a financial hit that could mean closing up shop. For consumers, dealing with identity theft can involve a world of headache. From freezing credit cards and assets to contacting all of the companies you regularly interact with, recovering from identity theft can be difficult and time consuming.  How to develop password integrity The best way to prevent unauthorized access to your accounts is to protect and manage them. While avoiding duplication of passwords for multiple accounts and enabling two-way authentication can help, using a password manager is another way to help manage all of your account passwords seamlessly. Included in Webroot’s SecureAnywhere Internet Security Plus antivirus solution is access to LastPass®, a reliable and secure password management tool. LastPass is the most trusted name in secure password management. It encrypts all username, password and credit card information to help keep you safe online. LastPass gives you access to a password vault to store and access all of your passwords from any device. Securing your digital life means protecting and managing your information. Having a reliable password management tool can help you effortlessly manage all of your passwords. As World Password Day approaches, take a step back and assess your digital hygiene beginning with your passwords. As cybercriminals develop more sophisticated ways to steal our information or identity, maintaining our own password integrity becomes key. Discover Webroot’s antivirus solutions and learn more about LastPass. The post World Password Day and the importance of password integrity appeared first on Webroot Blog.

2022-05
Aggregator history
Wednesday, May 04
SUN
MON
TUE
WED
THU
FRI
SAT
MayJuneJuly