Posts

Showing posts from April, 2019

US-CERT - Google Releases Security Updates for Chrome

Original release date: April 30, 2019 Google has released Chrome version 74.0.3729.131 for Windows, Mac, and Linux. This version addresses two vulnerabilities, one of which an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy. from US-CERT: The United States Computer Emergency Readiness Team https://www.us-cert.gov/ncas/current-activity/2019/04/30/Google-Releases-Security-Updates-Chrome

SANS - Issue #34 - Volume XXI - SANS Newsbites - April 30th, 2019

from SANS Institute | Newsletters - Newsbites - RSS https://www.sans.org/newsletters/newsbites/xxi/34

Krebs - Data: E-Retail Hacks More Lucrative Than Ever

Image
For many years and until quite recently, credit card data stolen from online merchants has been worth far less in the cybercrime underground than cards pilfered from hacked brick-and-mortar stores. But new data suggests that over the past year, the economics of supply-and-demand have helped to double the average price fetched by card-not-present data, meaning cybercrooks now have far more incentive than ever to target e-commerce stores. Traditionally, the average price for card data nabbed from online retailers — referred to in the underground as “ CVVs ” — has ranged somewhere between $2 and $8 per account. CVVs are are almost exclusively purchased by criminals looking to make unauthorized purchases at online stores, a form of thievery known as “ card not present ” fraud. In contrast, the value of “ dumps ” — hacker slang for card data swiped from compromised retail stores, hotels and restaurants with the help of malware installed on point-of-sale systems — has long hovered around $...

US-CERT - CISA Releases Binding Operational Directive on Vulnerability Remediation

Original release date: April 30, 2019 The U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) issued Binding Operational Directive (BOD) 19-02, Vulnerability Remediation Requirements for Internet-Accessible Systems. BOD 19-02 requires federal agencies to ensure effective and timely remediation of critical and high vulnerabilities. CISA encourages users and administrators to review the CISA blog post  on the BOD 19-02 release. Federal agencies should review BOD 19-02 for required actions and reporting procedures.  This product is provided subject to this Notification and this Privacy & Use policy. from US-CERT: The United States Computer Emergency Readiness Team https://www.us-cert.gov/ncas/current-activity/2019/04/30/CISA-Releases-Binding-Operational-Directive-Vulnerability

TrustedSec - Webinar: Compliance in the Cloud

KnowBe4 - Tech Support Scam Freezes Browsers

Image
Trend Micro has found a new tech support scam that abuses HTML’s Inline Frame element (iframe) along with authentication pop-ups to freeze victims’ browsers by trapping them in a type of loop. The web page imitates a Microsoft support page and presents users with two pop-ups. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/tech-support-scam-freezes-browsers

KnowBe4 - Brunswick Church Falls For Phishing Scam Of Almost $2 Million

Image
Staff at St. Ambrose Roman Catholic Church in Brunswick say the church was scammed out of nearly $2 million. The church said a phishing email led it to believe that a construction firm doing renovation work at the church had changed its bank account. The news comes one week after St. Ambrose had reopened for Easter following its four-months-long, $5.5 million renovation.  from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/brunswick-church-falls-for-phishing-scam-of-almost-2-million

KnowBe4 - CyberheistNews Vol 9 #18 Scott County Schools Victim of 3.7 Million Dollar CEO Fraud Phishing Scam

Image
from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/cyberheistnews-vol-9-18-scott-county-schools-victim-of-3.7-million-dollar-ceo-fraud-phishing-scam

Schneier - Defending Democracies Against Information Attacks

To better understand influence attacks, we proposed an approach that models democracy itself as an information system and explains how democracies are vulnerable to certain forms of information attacks that autocracies naturally resist. Our model combines ideas from both international security and computer security, avoiding the limitations of both in explaining how influence attacks may damage democracy as a whole. Our initial account is necessarily limited. Building a truly comprehensive understanding of democracy as an information system will be a Herculean labor, involving the collective endeavors of political scientists and theorists, computer scientists, scholars of complexity, and others. In this short paper, we undertake a more modest task: providing policy advice to improve the resilience of democracy against these attacks. Specifically, we can show how policy makers not only need to think about how to strengthen systems against attacks, but also need to consider how these ...

KnowBe4 - PSA: How To Recognize Disinformation

Image
One of the skills everyone needs to prevent social engineering attacks is to recognize disinformation. False information that is intended to mislead people has become an epidemic on the internet. It is being used by cyber criminals, state-sponsored bad actors, influence campaigns, and now and then even in politics. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/psa-how-to-recognize-disinformation

SANS - "Offline Autoruns Revisited - Auditing Malware Persistence"

I was digging through the archives recently and stumbled upon my old post, Autoruns and Dead Computer Forensics. Autoruns is an indispensable tool from Sysinternals that extracts data from hundreds of potential auto-start extensibility points (ASEPs), a fancy Microsoft term for locations that can grant persistence to malicious code. We leverage live Autoruns collection in … Continue reading Offline Autoruns Revisited - Auditing Malware Persistence from SANS Digital Forensics and Incident Response Blog http://digital-forensics.sans.org/blog/2019/04/29/offline-autoruns-revisited

KnowBe4 - Why Marketing Departments Are Cyber Security Targets

Image
Because of what they do, marketing departments are potential cybersecurity risks themselves, and digital bad actors are well aware of it. "Since marketers are more closely connected to networking on social media, they share a lot of close-to-home data," writes Sam Bocetta, a now-retired security analyst with the Department of Defense with 30-years of experience. "It can turn into a simple endeavor for cybercriminals looking to social specialist their way inside an organization." from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/why-marketing-departments-are-cyber-security-targets

US-CERT - SB19-119: Vulnerability Summary for the Week of April 22, 2019

Original release date: April 29, 2019 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD , which contains historical vulnerability information. The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores: High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0 Medium - Vulnerabilities will be labeled Medium severit...