BuzzSec

Does the news on SUNBURST and SUPERNOVA have you feeling like you’re flapping in the (Solar)Wind? Join John Strand, Jonathan Ham, and Jake Williams as they discuss the implications of the breaches in this no-FUD webcast. No, we won’t be discussing “cyber Pearl Harbor” – because lets be honest, that’s just hyperbole. Join us to […] The post Webcast: Discussing Implications of the SolarWinds Breach(es) appeared first on Black Hills Information Security . from Black Hills Information Security https://www.blackhillsinfosec.com/webcast-discussing-implications-of-the-solarwinds-breaches/

It’s an extra challenging year, harder than most, to choose the most impactful cybersecurity events. The year ended with a bang – the Solarwinds supply chain attack  – which possibly impacted up to 18,000 potential victims, including almost all of the Fortune 500 , involved a top-tier computer security vendor, at least a half-dozen top U.S. government agencies, and essentially brought the long feared, nation-state-sponsored, supply chain attack into reality. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/2020-top-phishing-vishing-attacks-and-trends

Security vendor CheckPoint provides insight into what are the organizational cybersecurity priorities for next two years, as well as where cybersecurity is going to be challenging. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/securing-remote-employees-is-the-top-2021-cybersecurity-challenge-for-organizations

In celebrating its two-year birthday this month, experts take a look at the Phobos ransomware in detail and offer up suggestions on how to avoid infection. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/phobos-ransomware-is-alive-and-well-targeting-smbs-and-asking-for-ransoms-of-19k

It appears the holidays aren’t without a cyber-grinch, as attackers use the lure of free money in the form of a gift card as an easy means to trick victims into infecting their own computers. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/scammers-use-a-100-amazon-gift-card-to-deliver-the-banking-trojan-dridex-to-their-victims

It’s an extra challenging year, harder than most, to choose the most impactful cybersecurity events. The year ended with a bang – the Solarwinds supply chain attack  – which possibly impacted up to 18,000 potential victims, including almost all of the Fortune 500 , involved a top-tier computer security vendor, at least a half-dozen top U.S. government agencies, and essentially brought the long feared, nation-state-sponsored, supply chain attack into reality. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/2020-top-phishes-and-vishes

In what is surely an unthinking cut-and-paste issue, page 921 of the Brexit deal mandates the use of SHA-1 and 1024-bit RSA: The open standard s/MIME as extension to de facto e-mail standard SMTP will be deployed to encrypt messages containing DNA profile information. The protocol s/MIME (V3) allows signed receipts, security labels, and secure mailing lists… The underlying certificate used by s/MIME mechanism has to be in compliance with X.509 standard…. The processing rules for s/MIME encryption operations… are as follows: the sequence of the operations is: first encryption and then signing, the encryption algorithm AES (Advanced Encryption Standard) with 256 bit key length and RSA with 1,024 bit key length shall be applied for symmetric and asymmetric encryption respectively, the hash algorithm SHA-1 shall be applied. s/MIME functionality is built into the vast majority of modern e-mail software packages including Outlook, Mozilla Mail as well as Netscape Communicator 4.x an

The SolarWinds incident highlights significant future risks. Undoubtedly the doors are now open for attacks of a similar nature. But where do you start? How do you incorporate the lessons learned from this attack? Which processes need to be reviewed? Which vendor relationships need to be scrutinized? With your questions in mind, we designed a 90-minute webinar in which we will guide you through a step-by-step action plan. Jumpstart the review and redesign of your Information Security Program and join us on January 7 at 1:00 PM CST! from SBS CyberSecurity https://sbscyber.com/resources/articleType/ArticleView/articleId/3781/webinar-security-after-solarwinds-time-to-redesign-your-program

Note: This blog is an abstract of an in-depth analysis on SolarWinds attribution. Download the complete analysis here . The recent expansive intrusion campaign of over half a dozen government agencies and as-yet unknown other organizations through malicious backdoors in the SolarWinds Orion platform is already one of the most significant acts of cyber espionage in history. This intrusion, dubbed SUNBURST/Solorigate, appears intended for information theft and espionage rather than destruction, placing this campaign within the realm of counterintelligence, not just incident response. Analyzing this incident within the realm of counterintelligence may fill the gap of descriptive language for this incident rather than bipolar descriptions of “sophisticated” or in-depth analysis which may add to confusion for network defenders. Additionally, only a handful of companies have direct access and the investigative resources to gain meaningful insights into the technical components of the backdo

Researchers at Anomali have discovered eighteen scam websites offering pets for sale. Most of the websites purport to be selling dogs, although some offer cats and birds as well. The sites are all operated by the same group of scammers that use similar social engineering tactics to lure people in. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/beware-of-puppy-scams

Among the various things that I have done in 2020, there is the collection of the main cyber attacks that have exploited cloud services in the kill chain. I have built a personal (and obviously incomplete) list using publicly available information. The complete timeline is available at the end of the post, while some statistics are summarized in the following charts... from HACKMAGEDDON https://www.hackmageddon.com/2020/12/30/cloud-native-threats-in-2020/

Good article on the evolution of ransomware : Though some researchers say that the scale and severity of ransomware attacks crossed a bright line in 2020, others describe this year as simply the next step in a gradual and, unfortunately, predictable devolution. After years spent honing their techniques, attackers are growing bolder. They’ve begun to incorporate other types of extortion like blackmail into their arsenals, by exfiltrating an organization’s data and then threatening to release it if the victim doesn’t pay an additional fee. Most significantly, ransomware attackers have transitioned from a model in which they hit lots of individuals and accumulated many small ransom payments to one where they carefully plan attacks against a smaller group of large targets from which they can demand massive ransoms. The antivirus firm Emsisoft found that the average requested fee has increased from about $5,000 in 2018 to about $200,000 this year. Ransomware is a decades-old idea. Toda

Today marks the 11th anniversary of KrebsOnSecurity! Thank you, Dear Readers, for your continued encouragement and support! With the ongoing disruption to life and livelihood wrought by the Covid-19 pandemic, 2020 has been a fairly horrid year by most accounts. And it’s perhaps fitting that this was also a leap year, piling on an extra day to a solar rotation that most of us probably can’t wait to see in the rearview mirror. But it was hardly a dull one for computer security news junkies. In almost every category — from epic breaches and ransomware to cybercrime justice and increasingly aggressive phishing and social engineering scams — 2020 was a year that truly went to eleven . Almost 150 stories here this past year generated nearly 9,000 responses from readers (although about 6 percent of those were on just one story ). Thank you all for your thoughtful engagement, wisdom, news tips and support. I’d like to reprise a note from last year’s anniversary post concerning ads. A

You did it - your organization has finally decided to take the first step in implementing security awareness training . But with starting something new there tends to be a 'deer in the headlights' moment  w and you ask yourself common questions - What now? Where do I begin? from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/how-to-kick-start-an-successful-security-awareness-training-program

from SANS Institute | Newsletters - Newsbites - RSS https://www.sans.org/newsletters/newsbites/xxii/101

It's true - not enough organizations utilize DMARC, SPF, and DKIM, global anti-domain-spoofing standards, which could significantly cut down on phishing attacks. But before you implement these protection standards, what are they and how can you effectively use them? from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/what-you-need-to-know-about-dmarc

from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/cyberheistnews-vol-10-53-heads-up-heres-some-powerful-ammo-to-grab-more-of-your-year-end-infosec-budget

A new report from Barracuda Networks found that business email compromise (BEC) attacks have nearly doubled over the past year. These attacks made up 12% of all spear phishing attacks in 2020, compared to 7% in 2019. While these might seem like low numbers, it’s worth keeping in mind that BEC attacks are far more devastating and require much more effort than normal phishing attacks. Attackers can spend months performing reconnaissance and setting up infrastructure before executing the attack, and successful BEC scams often result in multimillion-dollar losses for the victims. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/bec-attacks-nearly-doubled-in-2020

The bad guys are attempting to take advantage of Australian fears of COVID-19 in 2021. The National Identity and Cyber Support Service of Australia and New Zealand ID Care recently warned of COVID-19 phishing attacks using deepfakes that is set to launch in 2021. from KnowBe4 Security Awareness Training Blog http://blog.knowbe4.com/cybercriminals-attempt-to-exploit-australian-fears-on-covid-19

People need to be on the lookout for phishing attacks sent from legitimate but compromised social media accounts, according to Paul Ducklin at Naked Security. Ducklin describes a scam sent in by a reader who received an unexpected message from one of their Facebook friends. The message said, “Hi [name]. Hope you’re all well. Do you use online banking? I need help paying a bill.” The recipient recognized that it was a scam, but continued the conversation to find out what the scammer would say. from KnowBe4 Security Awareness Training Blog http://blog.knowbe4.com/a-friend-needs-money-urgently-youre-probably-getting-scammed

Here are important fresh content updates to share with you that happened in the month of December. from KnowBe4 Security Awareness Training Blog http://blog.knowbe4.com/knowbe4-fresh-content-updates-from-december-including-new-2021-knowbe4-flagship-training-modules

OK, let's sum up where we are, here at the end of December 2020. COVID has propelled IT from 2020 to 2030 in a matter of months. However, only a few of us were ready to have the large majority of our users to Work From Home. Your old firewall is useless. The hardware endpoint with its software security stack now sits in your user's bedroom. from KnowBe4 Security Awareness Training Blog http://blog.knowbe4.com/heads-up-heres-some-powerful-ammo-to-grab-more-of-your-end-of-year-infosec-budget

In my recent comment on the Solarwinds’ cyber attack , I made the claim that using multifactor authentication (MFA) can sometimes make you more at risk than using a simple login name and password. I wrote this: from KnowBe4 Security Awareness Training Blog http://blog.knowbe4.com/how-you-can-be-more-at-risk-with-mfa

Consumers aren’t the only ones who can be victimized by social engineering attacks while shopping online, according to Arab News . Employees who use work devices for personal shopping are at risk of falling for scams and potentially letting attackers into the company’s network. Arab News quotes Werno Gevers, regional manager at Mimecast Middle East, discussing the findings of Mimecast’s recent report on how employees use company-issued devices. from KnowBe4 Security Awareness Training Blog http://blog.knowbe4.com/private-online-shopping-risks-affect-businesses-too

Joe Warminsky at Cyberscoop wrote: "The foreign espionage operation that breached several U.S. government agencies through SolarWinds software updates was unique in its methods and stealth, according to FireEye CEO Kevin Mandia, whose company discovered the activity. “This was not a drive-by shooting on the information highway. This was a sniper round from somebody a mile away from your house,” Mandia said Sunday morning on CBS’s “Face the Nation.” “This was special operations. And it was going to take special operations to detect this breach.” Mandia estimated that about “only about 50 companies or organizations” were the true targets of the operation, which is suspected to be the work of the Russian intelligence agency known as the SVR. Texas-based SolarWinds reportedly has about 300,000 customers overall in government and industry, and the malware in the spy campaign was pushed out to about 18,000 of those, including U.S. government agencies and major corporations. In th

A majority of UK businesses are failing to adequately train their remote working employees to spot security threats, according to new research from iomart. The cloud services company based its Cyber Security Insights Report on the views of 1167 UK workers at C-level, director, manager and employee level. It found that over a quarter (28%) of their employers offer no cybersecurity training for the distributed workforce, while a further 42% do but only to select employees. Of those who were offered training, 82% claimed that it was a short briefing rather than something more comprehensive. Less than a fifth (17%) said they had regular training sessions. That means, overall, just 8% of those surveyed receive regular security training. This comes at a time when threats are on the rise. A fifth (20%) of those surveyed reported seeing an increase in cyber-attacks as a result of working remotely. Cyber-criminals have been targeting remote workers with phishing emails often themed w

Wedbush senior tech analyst Dan Ives says cybersecurity spending will increase by 20% in 2021 as more companies ramp up protection following the SolarWinds hack that compromised state agencies and corporations including Microsoft. from KnowBe4 Security Awareness Training Blog http://blog.knowbe4.com/wedbush-analyst-cybersecurity-spending-will-increase-20-in-2021-due-to-solarwinds

Researchers at IBM discovered a brand new type of massive banking fraud campaign that raked in millions of dollars over the course of a few days before it was put to a stop. from KnowBe4 Security Awareness Training Blog http://blog.knowbe4.com/hack-alert-here-is-a-whole-new-way-cyber-criminals-empty-out-your-bank-account

Joining us this week is Aarti Borkar, vice president of product for IBM Security . She shares the story of her professional journey, starting out as a self-described data-geek through the path that led her to the leadership position she holds today. Aarti also shares her views on artificial intelligence , and how she believes it can be an enabler for security and the business itself. And we’ll get her thoughts on welcoming new and diverse talent to the field. This podcast was produced in partnership with the CyberWire . The post AI Enables Predictability and Better Business appeared first on Recorded Future . from Recorded Future https://www.recordedfuture.com/podcast-episode-190/

The bad guys are attempting to take advantage of Australian fears of COVID-19 in 2021. The National Identity and Cyber Support Service of Australia and New Zealand ID Care recently warned of COVID-19 phishing attacks using deepfakes that is set to launch in 2021. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/cybercriminals-attempt-to-exploit-australian-fears-on-covid-19

   In The Wild - CyberSecurity Newsletter Happy New Year and welcome to the 203 rd  issue of In The Wild, SBS' weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions. Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy. Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!            {HACKER HOUR} ARE YOU PREPARED FOR AN INCIDENT? SBS Educational Resources Held Wednesday, December 30, 2020  2:00  - 3:00 PM CST Join SBS as we discuss what steps y