Posts

Showing posts from December, 2018

Schneier - China's APT10

Wired has an excellent article on China's APT10 hacking group. Specifically, on how they hacked managed service providers in order to get to their customers' networks. I am reminded of the NSA's " I Hunt Sysadmins " presentation, published by the Intercept . from Schneier on Security https://www.schneier.com/blog/archives/2018/12/chinas_apt10.html

HACKMAGEDDON - 1-15 December 2018 Cyber Attacks Timeline

t's time to publish the first timeline of December, covering the main cyber attacks occurred in the first half of the same month. In this fortnight have collected a total of 57 events (plus two that occurred in November that I included in this timeline), the same number of the second timeline of November, which confirms a sustained level of activity. from HACKMAGEDDON https://www.hackmageddon.com/2018/12/31/1-15-december-2018-cyber-attacks-timeline/

KnowBe4 - What Value Do Customers See In The KnowBe4 Platform?

Image
Someone at Spiceworks asked: "I know there are discussions of Company Phishing Campaigns and Security Awareness Training , curious what everyone uses other than KnowBe4. I have been delegated to shop around for something in the near future. I have already looked at King Phisher and Lucy, and continuing on to KnowBe4. I know there are a bunch out there. What does everyone else use?" from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/what-value-do-customers-see-in-the-knowbe4-platform

KnowBe4 - [Heads-up] North Korean Ransomware Attack Disrupts Major U.S. News Media

Image
It was all over the news. A server outage at a major newspaper publishing company on Saturday that prevented the distribution of many leading U.S. newspapers, including the Wall Street Journal, New York Times, Los Angeles Times, Chicago Tribune and Baltimore Sun. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/heads-up-north-korean-ransomware-attack-disrupts-major-u.s.-news-media

Krebs - Happy 9th Birthday, KrebsOnSecurity!

Image
Hard to believe we’ve gone another revolution around the Sun: Today marks the 9th anniversary of KrebsOnSecurity.com! This past year featured some 150 blog posts , but as usual the biggest contribution to this site came from the amazing community of readers here who have generously contributed their knowledge, wit and wisdom in more than 10,000 comments. Speaking of generous contributions, more than 100 readers have expressed their support in 2018 via PayPal donations to this site. The majority of those funds go toward paying for subscription-based services that KrebsOnSecurity relies upon for routine data gathering and analysis. Thank you. Your correspondence and tips have been invaluable, so by all means keep them coming. For the record, I’m reachable via a variety of means, including email , the contact form on this site , and of course Facebook , LinkedIn , and Twitter (direct messages are open to all). For more secure and discreet communications, please consider reaching out...

US-CERT - Securing New Devices

Original release date: December 28, 2018 During the holidays, internet-connected devices also known as Internet of Things (IoT) are often popular gifts—such as smart TVs, watches, toys, phones, and tablets. This technology provides a level of convenience to our lives, but it requires that we share more information than ever. The security of this information, and the security of these devices, is not always guaranteed. The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), recommends these important steps you should consider to make your Internet of Things more secure: Use strong passwords . Passwords are a common form of authentication and are often the only barrier between you and your personal information. Some internet-enabled devices are configured with default passwords to simplify setup. These default passwords are easily found online, so they don't provide any protection. Choose strong...

Schneier - Friday Squid Blogging: Squid-Focused Menus in Croatia

This is almost over : From 1 December 2018 -- 6 January 2019, Days of Adriatic squid will take place at restaurants all over north-west Istria. Restaurants will be offering affordable full-course menus based on Adriatic squid, combined with quality local olive oil and fine wines. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here . from Schneier on Security https://www.schneier.com/blog/archives/2018/12/friday_squid_bl_657.html

SANS - Issue #101 - Volume XX - SANS Newsbites - December 28th, 2018

from SANS Institute | Newsletters - Newsbites - RSS https://www.sans.org/newsletters/newsbites/xx/101

KnowBe4 - 2018: The Year of the Data Breach Tsunami [INFOGRAPHIC]

Image
Our friends at Malwarebytes wrote: "It’s tough to remember all of the data breaches that happened in 2018. But when you look at the largest and most impactful ones that were reported throughout the year, it paints a grim picture about the state of data security today. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/2018-the-year-of-the-data-breach-tsunami-infographic

Black Hills InfoSec - PODCAST: RDP Logging Bypass and Azure Active Directory Recon

For this podcast we cover a couple of different topics. First, we talk about how to password spray in a non-attributable sort of way. Beau found a way to obfuscate what RDP logs record with launching password spraying attacks. This has implications for UBEA. It is… kind of cool. Second, we cover how to do […] The post PODCAST: RDP Logging Bypass and Azure Active Directory Recon appeared first on Black Hills Information Security . from Black Hills Information Security https://www.blackhillsinfosec.com/podcast-rdp-logging-bypass-and-azure-active-directory-recon/

Black Hills InfoSec - WEBCAST: RDP Logging Bypass and Azure Active Directory Recon

For this webcast we cover a couple of different topics. First, we talk about how to password spray in a non-attributable sort of way. Beau found a way to obfuscate what RDP logs record with launching password spraying attacks. This has implications for UBEA. It is… kind of cool. Second, we cover how to do […] The post WEBCAST: RDP Logging Bypass and Azure Active Directory Recon appeared first on Black Hills Information Security . from Black Hills Information Security https://www.blackhillsinfosec.com/webcast-rdp-logging-bypass-and-azure-active-directory-recon/

Schneier - Click Here to Kill Everybody Available as an Audiobook

Click Here to Kill Everybody is finally available on Audible.com . I have ten download codes. Not having anything better to do with them, here they are: HADQSSFC98WCQ LDLMC6AJLBDJY YWSY8CXYMQNJ6 JWM7SGNUXX7DB UPKAJ6MHB2LEF M85YN36UR926H 9ULE4NFAH2SLF GU7A79GSDCXAT 9K8Q4RX6DKL84 M92GB246XY7JN Congratulations to the first ten people to try to use them. from Schneier on Security https://www.schneier.com/blog/archives/2018/12/click_here_to_k_2.html

HACKMAGEDDON - November 2018 Cyber Attacks Statistics

It's time to publish the cyber attacks statistics derived from the timelines of November (part I and part II). This month I have collected a total of 126 events that confirm the growing trend (in October this number was 113), and position this month in the third place for 2018 behind February (133 events), and July (132). from HACKMAGEDDON https://www.hackmageddon.com/2018/12/28/november-2018-cyber-attacks-statistics/

Schneier - Massive Ad Fraud Scheme Relied on BGP Hijacking

This is a really interesting story of an ad fraud scheme that relied on hijacking the Border Gateway Protocol: Members of 3ve (pronounced "eve") used their large reservoir of trusted IP addresses to conceal a fraud that otherwise would have been easy for advertisers to detect. The scheme employed a thousand servers hosted inside data centers to impersonate real human beings who purportedly "viewed" ads that were hosted on bogus pages run by the scammers themselves­ -- who then received a check from ad networks for these billions of fake ad impressions. Normally, a scam of this magnitude coming from such a small pool of server-hosted bots would have stuck out to defrauded advertisers. To camouflage the scam, 3ve operators funneled the servers' fraudulent page requests through millions of compromised IP addresses. About one million of those IP addresses belonged to computers, primarily based in the US and the UK, that attackers had infected with botnet softwar...

HACKMAGEDDON - 16-30 November 2018 Cyber Attacks Timeline

It's time to publish the second timeline of November, covering the main cyber attacks occurred between November 16 and November 30, plus a few events occurred in November that I missed in the previous timeline. Autumn seems to be particularly inspiring for crooks... from HACKMAGEDDON https://www.hackmageddon.com/2018/12/28/16-30-november-cyber-attacks-timeline/

KnowBe4 - [On-Demand Webinar] The Quantum Computing Break Is Coming... Will You Be Ready?

Image
  Quantum computing is a game-changer and will have a huge impact on the way we do business, safeguard data, explore space, and even predict weather events. Yet, some experts say in the not so distant future   quantum computers will break existing public key cryptography forever . from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/quantum-computing-webinar

KnowBe4 - Malicious Business Email Campaign Uses Google Cloud Storage to Target Banks and Financial Services Companies

Image
Researchers at Menlo Labs have spotted and tracked a new campaign aimed at tricking employees of US and UK financial firms and banks into downloading Houdini Malware . from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/malicious-business-email-campaign-uses-google-cloud-storage-to-target-banks-and-financial-services-companies

KnowBe4 - KnowBe4 Fresh Content Update & New Features December 2018

Image
Here's a few important updates to share with you for the month of December! from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/knowbe4-fresh-content-update-new-features-december-2018

KnowBe4 - You Must Know What You're Clicking On Even With MFA

Image
By Roger Grimes, KnowBe4's Data-driven Defense Evangelist.   I’ve been in computer security for over 30-years and I’ve been giving presentations nearly as long. And in that time, no talk has been as popular as my 12 Ways to Hack MFA . I’ve given the presentation dozens of times to many thousands of viewers. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/you-must-know-what-youre-clicking-on-even-with-mfa

Schneier - Stealing Nativity Displays

The New York Times is reporting on the security measures people are using to protect nativity displays. from Schneier on Security https://www.schneier.com/blog/archives/2018/12/stealing_nativi.html

KnowBe4 - Is Anyone in Charge of Information Security? Krebs Finds a Lack of Leadership Mentioned in 100 Largest Companies in the World

Image
If there’s anyone who is close to the pulse of security, it’s Brian Krebs. In one of his recent articles, he discusses how organizations discuss how very important information security is, and yet there is a distinct lack of mention of positions overseeing information security on executive leadership pages . from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/is-anyone-in-charge-of-information-security-krebs-finds-a-lack-of-leadership-mentioned-in-100-largest-companies-in-the-world

KnowBe4 - CyberheistNews Vol 8 #51 Dec 26th Welcome to the CyberheistNews 2019 Crystal Ball Issue.

Image
from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/cyberheistnews-vol-8-51-dec-26th-welcome-to-the-cyberheistnews-2019-crystal-ball-issue

Schneier - Human Rights by Design

Good essay: " Advancing Human-Rights-By-Design In The Dual-Use Technology Industry ," by Jonathon Penney, Sarah McKune, Lex Gill, and Ronald J. Deibert: But businesses can do far more than these basic measures. They could adopt a "human-rights-by-design" principle whereby they commit to designing tools, technologies, and services to respect human rights by default, rather than permit abuse or exploitation as part of their business model. The "privacy-by-design" concept has gained currency today thanks in part to the European Union General Data Protection Regulation (GDPR), which requires it. The overarching principle is that companies must design products and services with the default assumption that they protect privacy, data, and information of data subjects. A similar human-rights-by-design paradigm, for example, would prevent filtering companies from designing their technology with features that enable large-scale, indiscriminate, or inherently dispr...

KnowBe4 - New Clickbait Warning: "Captain America Star Hayley Atwell Nude Photos Hacked"

Image
And another one... will these stars ever learn? We suggest you send a simulated phishing attack to inoculate your users. There is a new template available in our Controversial/NSFW category: from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/new-clickbait-warning-captain-america-star-hayley-atwell-nude-photos-hacked

Schneier - Glitter Bomb against Package Thieves

Stealing packages from unattended porches is a rapidly rising crime, as more of us order more things by mail. One person hid a glitter bomb and a video recorder in a package, posting the results when thieves opened the box. At least, that's what might have happened. At least some of the video was faked , which puts the whole thing into question. That's okay, though. Santa is faked, too. Happy whatever you're celebrating . from Schneier on Security https://www.schneier.com/blog/archives/2018/12/glitter_bomb_ag.html

KnowBe4 - Iranian Hacker Group Beats 2FA with New Phishing Campaign Targeting Google Users

Image
A new phishing attack method shows that even the mighty two-factor authentication can be beaten without needing to possess a user’s mobile device. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/iranian-hacker-group-beats-2fa-with-new-phishing-campaign-targeting-google-users

US-CERT - SB18-358: Vulnerability Summary for the Week of December 17, 2018

Original release date: December 24, 2018 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD , which contains historical vulnerability information. The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores: High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0 Medium - Vulnerabilities will be labeled Medium seve...