Posts

Showing posts from August, 2021

Threat Post - Fortress Home Security Open to Remote Disarmament

A pair of unpatched security vulnerabilities can allow unauthenticated cyberattackers to turn off window, door and motion-sensor monitoring. from Threatpost https://threatpost.com/fortress-home-security-remote-disarmament/169069/

Threat Post - Cream Finance DeFi Platform Rooked For $29M

Cream is latest DeFi platform to get fleeced in rash of attacks. from Threatpost https://threatpost.com/cream-finance-defi-29m/169077/

Threat Post - Proxyware Services Open Orgs to Abuse – Report

Services that let consumers resell their bandwidth for money are ripe for abuse, researchers warn. from Threatpost https://threatpost.com/abuse-of-proxyware-services/169068/

KnowBe4 - When the URL Domain Is Not Enough To Avoid a Phish

One of the most common mantras in security awareness training is “Examine the URL to determine if it points to the legitimate vendor or not!” from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/when-the-url-domain-is-not-enough-to-avoid-a-phish

KnowBe4 - [Live Demo] Ridiculously Easy Security Awareness Training and Phishing

Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/live-demo-ridiculously-easy-security-awareness-training-and-phishing

Rapid 7 - Cybersecurity in the Infrastructure Bill

On August 10, 2021, the U.S. Senate passed the Infrastructure Investment and Jobs Act of 2021 (H.R.3684). The bill comes in at 2,700+ pages, provides for $1.2T in spending, and includes several cybersecurity items. We expect this legislation to become law around late September and do not expect significant changes to the content. This post provides highlights on cybersecurity from the legislation. (Check out our joint letter calling for cybersecurity in infrastructure legislation here.)

Cybersecurity is a priority — that’s progress

Cybersecurity is essential to ensure modern infrastructure is safe, and Rapid7 commends Congress and the Administration for including cybersecurity in the Infrastructure Investment and Jobs Act. Rapid7 led industry calls to include cybersecurity in the bill, and we are encouraged that several priorities identified by industry are reflected in the text, such as cybersecurity-specific funding for state and local governments and the electrical grid. On...

US-CERT - FBI-CISA Advisory on Ransomware Awareness for Holidays and Weekends

from CISA All NCAS Products https://us-cert.cisa.gov/ncas/current-activity/2021/08/31/fbi-cisa-advisory-ransomware-awareness-holidays-and-weekends

US-CERT - Ransomware Awareness for Holidays and Weekends

from CISA All NCAS Products https://us-cert.cisa.gov/ncas/alerts/aa21-243a

Threat Post - WooCommerce Pricing Plugin Allows Malicious Code-Injection

The popular Dynamic Pricing and Discounts plugin from Envato can be exploited by unauthenticated attackers. from Threatpost https://threatpost.com/woocommerce-plugin-malicious/169063/

Recorded Future - H1 2021: Malware and Vulnerability Trends Report

Editor’s Note: The following post is an excerpt of a full report. To read the entire analysis, click here to download the report as a PDF.

Executive Summary

This report examines trends in malware use, distribution, and development, and high-risk vulnerabilities disclosed by major hardware and software vendors between January 1 and June 30, 2021. Data was assembled from the Recorded Future® Platform, open-source intelligence (OSINT), and public reporting on NVD data. This report will assist threat hunters and security operations center (SOC) teams in strengthening their security posture by prioritizing hunting techniques and detection methods based on this research and data, along with vulnerability teams looking for ways to prioritize patching and identify trends in vulnerability targeting. Trends within vulnerability exploitation and malware attacks often intersect, as threat groups will target these flaws to deliver, distribute, and execute their malicious code onto vulnerable s...

Threat Post - QNAP Is Latest to Get Dinged by OpenSSL Bugs Fallout

The NAS maker issued two security advisories about the RCE and DoS flaws, adding to a flurry of advisories from the vast array of companies whose products use OpenSSL. from Threatpost https://threatpost.com/qnap-openssl-bugs/169054/

Threat Post - Top 3 API Vulnerabilities: Why Apps are Owned by Cyberattackers

Jason Kent, hacker-in-residence at Cequence, talks about how cybercriminals target apps and how to thwart them. from Threatpost https://threatpost.com/top-3-api-vulnerabilities-cyberattackers/169048/

KnowBe4 - CyberheistNews Vol 11 #34 [Heads Up] A Tricky New COVID-19 Phishing Caper

from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/cyberheistnews-vol-11-34-heads-up-a-tricky-new-covid-19-phishing-caper

Rapid 7 - CVE-2021-3927[67]: Fortress S03 WiFi Home Security System Vulnerabilities

Rapid7 researcher Arvind Vishwakarma discovered multiple vulnerabilities in the Fortress S03 WiFi Home Security System. These vulnerabilities could result in unauthorized access to control or modify system behavior, and access to unencrypted information in storage or in transit. CVE-2021-39276 describes an instance of CWE-287; specifically, it describes an insecure cloud API deployment which allows unauthenticated users to trivially learn a secret that can then be used to alter the system's functionality remotely. It has an initial CVSS score of 5.3 (medium). CVE-2021-39277 describes an instance of CWE-294, a vulnerability where anyone within Radio Frequency (RF) signal range could capture and replay RF signals to alter system behavior, and has an initial CVSS score of 5.7.

Product Description

The Fortress S03 WiFi Home Security System is a do-it-yourself (DIY) consumer-grade home security system which leverages WiFi and RF communication to monitor doors, windows, and motio...

Schneier - More Military Cryptanalytics, Part III

Late last year, the NSA declassified and released a redacted version of Lambros D. Callimahos’s Military Cryptanalytics, Part III. We just got most of the index. It’s hard to believe that there are any real secrets left in this 44-year-old volume. from Schneier on Security https://www.schneier.com/blog/archives/2021/08/more-military-cryptanalytics-part-iii.html

Threat Post - LockFile Ransomware Uses Never-Before Seen Encryption to Avoid Detection

Researchers from Sophos discovered the emerging threat in July, which exploits the ProxyShell vulnerabilities in Microsoft Exchange servers to attack systems. from Threatpost https://threatpost.com/lockfile-ransomware-avoid-detection/169042/

Threat Post - HPE Warns Sudo Bug Gives Attackers Root Privileges to Aruba Platform

HPE joins Apple in warning customers of a high-severity Sudo vulnerability. from Threatpost https://threatpost.com/hpe-sudo-bug-aruba-platform/169038/

Threat Post - Army Testing Facial Recognition in Child-Care Centers

Army looking for AI to layer over daycare CCTV to boost ‘family quality of life.’ from Threatpost https://threatpost.com/army-facial-recognition-child-care/169036/

Threat Post - The Underground Economy: Recon, Weaponization & Delivery for Account Takeovers

In part one of a two-part series, Akamai's director of security technology and strategy, Tony Lauro, lays out what orgs need to know to defend against account takeover attacks. from Threatpost https://threatpost.com/underground-economy-account-takeovers/169032/

Threat Post - Microsoft Exchange ‘ProxyToken’ Bug Allows Email Snooping

The bug (CVE-2021-33766) is an information-disclosure issue that could reveal victims' personal information, sensitive company data and more. from Threatpost https://threatpost.com/microsoft-exchange-proxytoken-email/169030/

Recorded Future - Cyber Citizenship Education is Essential

Scholars and researchers from the think tank New America recently released an education policy initiative titled Teaching Cyber Citizenship — Bridging Education and National Security to Build Resilience to New Online Threats. The report outlines challenges facing educators when it comes to preparing students for the online world, describes the broad spectrum of reasons why it’s important that they are properly prepared, and provides resources and potential solutions for communities and school systems to adopt. Joining us this week are two of the report’s coauthors, Lisa Guernsey, director of New America’s Teaching, Learning and Tech Program, and Peter W. Singer, strategist and senior fellow. This podcast was produced in partnership with the CyberWire. The post Cyber Citizenship Education is Essential appeared first on Recorded Future. from Recorded Future https://www.recordedfuture.com/podcast-episode-223/

US-CERT - Vulnerability Summary for the Week of August 23, 2021

from CISA All NCAS Products https://us-cert.cisa.gov/ncas/bulletins/sb21-242

Threat Post - LockBit Gang to Publish 103GB of Bangkok Air Customer Data

The airline announced the breach on Thursday, and the ransomware gang started a countdown clock the next day. from Threatpost https://threatpost.com/lockbit-bangkok-airways-breach/169019/

SBS CyberSecurity - In The Wild 238

In The Wild - CyberSecurity Newsletter

Welcome to the 238th issue of In The Wild, SBS' weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, relevant news articles, new and updated guidance, and other information to help you make better cybersecurity decisions. Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet have simply been found in the far corners of the internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy. Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!

#askSBS: Cyber Insurance

SBS Educational Resources

Question: What should I know about cyber insurance? Is it worth it? ...