State-Sponsored Groups Increasingly Use Cloud & Open Source Infrastructure
via "Dark Reading".
Microsoft shuts down Azure Active Directory instances used by attackers to evade detection and warns that the use of open source tools by espionage groups is growing.

Las Vegas Students’ Personal Data Leaked, Post-Ransomware Attack
via "Threat Post".
A researcher said he discovered an open data cache with names, grades, birthdates and more, after the Clark County School District refused to pay the ransom.

How to handle security risks in a hybrid work environment
via "Tech Republic".
Half of the organizations surveyed by Tessian were hit by a security incident while employees were working remotely. Here are some tips for mitigation.

CVE-2020-4607
via "National Vulnerability Database".
IBM Security Secret Server (IBM Security Verify Privilege Vault Remote 1.2) could allow a local user to bypass security restrictions due to improper input validation. IBM X-Force ID: 184884.

The Network Perimeter: This Time, It’s Personal
via "Threat Post".
Botnets and IoT devices are forming a perfect storm for IT staff wrestling with WFH employee security.

Shifting Left of Left: Why Secure Code Isn't Always Quality Code
via "Dark Reading".
Enabling engineers to share responsibility for security and empowering them to erase common vulnerabilities are good starting points.

Zerologon Attacks Against Microsoft DCs Snowball in a Week
via "Threat Post".
The attempted compromises, which could allow full control over Active Directory identity services, are flying thick and fast just a week after active exploits of CVE-2020-1472 were first flagged.

CVE-2020-15216
via "National Vulnerability Database".
In goxmldsig (XML Digital Signatures implemented in pure Go) before version 1.1.0, with a carefully crafted XML file, an attacker can completely bypass signature validation and pass off an altered file as a signed one. A patch is available, all users of goxmldsig should upgrade to at least revision f6188febf0c29d7ffe26a0436212b19cb9615e64 or version 1.1.0.

Ahead of Election, FBI, CISA Issue Warning on Disinformation Campaigns
via "Digital Guardian".
The FBI and CISA have issued another warning about the 2020 election, asserting that foreign actors are spreading disinformation around hacked voter information.

Vulnerability in Wireless Router Chipsets Prompts Advisory
via "Dark Reading".
Synopsys issues an advisory for vulnerabilities affecting the chipsets of wireless routers from Qualcomm, Mediatek, and Realtek.

FBI says hackers want to stoke doubt about the 2020 election
via "Tech Republic".
In a PSA on Monday, the FBI and CISA warned about the potential for widespread disinformation campaigns in the run-up to November.

Securing Slack: 5 Tips for Safer Messaging, Collaboration
via "Dark Reading".
Remote workers and scattered teams are relying on Slack more and more for messaging and collaboration. Here are a few extra tips for keeping data and systems more secure when using Slack.

New Campaign by China-Linked Group Targets US Orgs for First Time
via "Dark Reading".
In at least one instance, the Palmerworm APT group was able to remain undetected on a compromised system for nearly six months, according to Symantec.

DDoS Attacks Soar in First Half of 2020
via "Dark Reading".
Shorter, faster, multivector attacks had a greater impact on victims.

Microsoft: Ransomware & Nation-State Attacks Rise, Get More Sophisticated
via "Dark Reading".
Malware-based attacks are out, phishing is in, along with credential stuffing and business email compromise. Microsoft recommends defensive tactics in its new report on rising threats.

Why Web Browser Padlocks Shouldn’t Be Trusted
via "Threat Post".
Popular “safe browsing” padlocks are now passe as a majority of bad guys also use them.

CVE-2020-5132
via "National Vulnerability Database".
SonicWall SSL-VPN products and SonicWall firewall SSL-VPN feature misconfiguration leads to possible DNS flaw known as domain name collision vulnerability. When the users publicly display their organization’s internal domain names in the SSL-VPN authentication page, an attacker with knowledge of internal domain names can potentially take advantage of this vulnerability.

Attacker Dwell Time: Ransomware's Most Important Metric
via "Dark Reading".
How to bolster security defenses by zeroing in on the length of time an interloper remains undetected inside your network.

Microsoft Exchange Servers Still Open to Actively Exploited Flaw
via "Threat Post".
Despite Microsoft issuing patches almost eight months ago, 61 percent of Exchange servers are still vulnerable.

CVE-2020-15731
via "National Vulnerability Database".
An improper Input Validation vulnerability in the code handling file renaming and recovery in Bitdefender Engines allows an attacker to write an arbitrary file in a location hardcoded in a specially-crafted malicious file name. This issue affects: Bitdefender Engines versions prior to 7.85448.

CVE-2019-17098
via "National Vulnerability Database".
Use of hard-coded cryptographic key vulnerability in August Connect Wi-Fi Bridge App, Connect Firmware allows an attacker to decrypt an intercepted payload containing the Wi-Fi network authentication credentials. This issue affects: August Connect Wi-Fi Bridge App version v10.11.0 and prior versions on Android. August Connect Firmware version 2.2.12 and prior versions.