Cyber security aggregate rss news

Cyber security aggregator - feeds history


 Attack Surface Management (ASM)

Upwards of 70% of organizations have been compromised because of an unknown, unmanaged, or mismanaged visible asset. Improving your Attack Surface Management capabilities is critical, says David Monnier, a Fellow at Team Cymru. The post The Future of Attack Surface Management: How to Prepare appeared first on The Security Ledger with Paul F....

 Malware and Vulnerabilities

The new ZuoRAT is targeting Small Office/Home Office, or SOHO, routers across North America and Europe, as part of an advanced campaign. An investigation into the case divulged that the trojan can cripple routers from multiple brands, such as ASUS, DrayTek, Cisco, and NETGEAR. For mitigation, organizations should ensure patch-planning for routers and confirm these devices are running the latest software available.

 Malware and Vulnerabilities

AstraLocker ransomware is shutting down its operations and has released decryptors. The threat actor plans to move from extortion schemes to cryptojacking. However, some speculate that the group feared action by global law enforcement. Emsisoft plans to roll out a universal decryptor for AstraLocker ransomware soon; it is currently in the works.

 Malware and Vulnerabilities

MITRE has released the 2022 CWE most dangerous software bugs list, highlighting that enterprises still face a raft of common weaknesses that must be protected from exploitation. Bugs, which fall under the software weaknesses category, also include flaws, vulnerabilities, and various other errors found extensively in software solutions' code, architecture, implementation, or design.

 Malware and Vulnerabilities

In late April of this year, security researchers noticed some malware found in previous attacks had resumed activity after a long period of quiet. They also came across news that attackers have taken it upon themselves to recruit more ghost hackers.

 Mobile Security

Leaders of the US Senate Intelligence Committee on Tuesday called for an investigation into whether Chinese officials are getting access to data about US users of video-snippet sharing sensation TikTok.

 Govt., Critical Infrastructure

Vulnerability spots can bring in $500 or more for high-severity flaws, and critical holes are worth at least $1,000 with as much as $5,000 set aside for particular awards, such as $3,000 for the best finding for *.army.mil.

 Govt., Critical Infrastructure

NATO heads of state and governments participating in the summit also pledged to accelerate the delivery of non-lethal defense equipment to Ukraine, including boosting the country’s cyber-resilience.

 Govt., Critical Infrastructure

An investigation into cybersecurity at UK public services revealed a large disparity in defense budgets, hundreds of website vulnerabilities, and staff email addresses and passwords at one council posted in full online.

 Breaches and Incidents

Microsoft warned of the toll fraud malware threat that targets Android users to drain their wallets by automatically subscribing them to premium services. Toll fraud works over Wireless Application Protocol (WAP) that allows consumers to subscribe to paid content. To stay protected from toll fraud malware, users are recommended to ensure that they download apps or other media from a reliable source. 

 Feed

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

 Feed

On CPUs without SELFSNOOP support, a Xen PV domain that has access to a PCI device (which grants the domain the ability to set arbitrary cache attributes on all its pages) can trick Xen into validating an L2 pagetable that contains a cacheline that is marked as clean in the cache but actually differs from main memory. After the pagetable has been validated, an attacker can flush the "clean" cacheline, such that on the next load, unvalidated data from main memory shows up in the pagetable.

 Feed

Red Hat Security Advisory 2022-5498-01 - Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Issues addressed include HTTP request smuggling, buffer overflow, bypass, code execution, cross site scripting, denial of service, heap overflow, information leakage, privilege escalation, remote shell upload, remote SQL injection, and traversal vulnerabilities.

 Feed

Ubuntu Security Notice 5502-1 - Alex Chernyakhovsky discovered that OpenSSL incorrectly handled AES OCB mode when using the AES-NI assembly optimized implementation on 32-bit x86 platforms. A remote attacker could possibly use this issue to obtain sensitive information.

 Feed

Ubuntu Security Notice 5503-1 - Demi Marie Obenour discovered that GnuPG incorrectly handled injection in the status message. A remote attacker could possibly use this issue to forge signatures.

 Feed

Military entities located in Bangladesh continue to be at the receiving end of sustained cyberattacks by an advanced persistent threat tracked as Bitter. "Through malicious document files and intermediate malware stages the threat actors conduct espionage by deploying Remote Access Trojans," cybersecurity firm SECUINFRA said in a new write-up published on July 5. The findings from the

 Feed

The operators of the Hive ransomware-as-a-service (RaaS) scheme have overhauled their file-encrypting software to fully migrate to Rust and adopt a more sophisticated encryption method. "With its latest variant carrying several major upgrades, Hive also proves it's one of the fastest evolving ransomware families, exemplifying the continuously changing ransomware ecosystem," Microsoft Threat

 Feed

The maintainers of the OpenSSL project have released patches to address a high-severity bug in the cryptographic library that could potentially lead to remote code execution under certain scenarios. The issue, now assigned the identifier CVE-2022-2274, has been described as a case of heap memory corruption with RSA private key operation that was introduced in OpenSSL version 3.0.4 released on

 Feed

Malicious actors have been observed abusing legitimate adversary simulation software in their attacks in an attempt to stay under the radar and evade detection. Palo Alto Networks Unit 42 said a malware sample uploaded to the VirusTotal database on May 19, 2022, contained a payload associated with Brute Ratel C4, a relatively new sophisticated toolkit "designed to avoid detection by endpoint

 Feed

July may positively disrupt and adrenalize the old-fashioned Dynamic Application Security Scanning (DAST) market, despite the coming holiday season. The pathbreaking innovation comes from ImmuniWeb, a global application security company, well known for, among other things, its free Community Edition that processes over 100,000 daily security scans of web and mobile apps.  Today, ImmuniWeb

 Feed

The U.S. Department of Commerce's National Institute of Standards and Technology (NIST) has chosen the first set of quantum-resistant encryption algorithms that are designed to "withstand the assault of a future quantum computer." The post-quantum cryptography (PQC) technologies include the CRYSTALS-Kyber algorithm for general encryption, and CRYSTALS-Dilithium, FALCON, and SPHINCS+ for digital

 Feed only

Graham Cluley Security News is sponsored this week by the folks at Indusface. Thanks to the great team there for their support! It is hard to imagine an application without APIs (Application Programming Interfaces). For the past few years, APIs have become a core foundation for the success of businesses. Hence, there is no surprise that … Continue reading "Comprehensive risk-based API protection with AppTrana"

 Business + Partners

Social engineering attacks like phishing, baiting and scareware have skyrocketed to take the top spot as the #1 cause of cybersecurity breaches. So what makes social engineering so effective? When cybercriminals use social engineering tactics, they prey on our natural instinct to help one another. And as it turns out, those instincts are so strong that they can override our sixth sense about cybercrime. But our urge to help people isn’t the only thing driving social engineering. Criminals are using new methods that target the vulnerabilities of hybrid workforces. These new tactics circumvent single layers of security and are so successful that cybercriminals are using them to target office workers. Read on to learn how social engineering works, how to spot social engineering and how to stop social engineering.

How does social engineering work?

Social engineering is a type of cyberattack where criminals use deception to trick their victims into voluntarily giving up confidential information. Here are some common social engineering tactics:

Using social media to find personal information. Criminals are heading to social media sites like LinkedIn to find their next victim – and they’re using any personal information they find to craft convincing phishing emails.

Impersonation. Cybercriminals are taking advantage of the anonymity that comes with hybrid work arrangements to impersonate people. If you’ve never met anyone in your IT department, it’s hard to know when someone is impersonating them.

Targeting personal devices used for work. With the hybrid work boom here to stay, the lines between work and home life are blurring. Employees are now using work devices for personal matters and personal devices to connect to work. The problem? Personal devices often lack robust security.

How to spot social engineering

So how do you spot social engineering scams? Here are some of the tell-tale signs you’re being targeted:

Asking for log-in information. If you get a message asking you for log-in credentials – even if it’s from a trusted source – you’re probably the target of a social engineering attack. There’s no reason why someone else needs your login info, even if it’s your boss or your IT department.

Urgently asking for money. Along the same lines, there’s almost never a reason why someone – even someone you know – would urgently need money.

Asking to verify your information. This type of social engineering asks victims to verify their info to win a prize or a windfall. But just because the message is coming from a legitimate organization doesn’t mean it isn’t a scam, with criminals spoofing an email or impersonating a business.

How to stop social engineering attacks

Now that you’ve learned the newest tactics and how to spot social engineering, all you need is to learn how to stop it. Forrester recommends layered defenses for preventing social engineering strategies like phishing. That’s because most social engineering attacks are so good at getting past single layers of cyber protection. You and your business can stay safe from social engineering scams by combining Endpoint Protection and Email Security. You gain even more protection if you are able to add on Security Awareness Training and DNS Protection. Each layer you add gives you a better chance of stopping social engineering tactics.

The post Can your business stop social engineering attacks? appeared first on Webroot Blog.

2022-07
Aggregator history
Wednesday, July 06