Login
This week, we welcome Dr. Mike Lloyd, CTO at RedSeal, to discuss The Critical Role of Basic Cyber Hygiene! In the Leadership and Communication Segment, 5 things successful people don't care about, 11 books that will change the way you think about Leadership, how IBM wants to be the next Microsoft starting with the CEO, and more!
Show Notes: https://wiki.securityweekly.com/BSWEpisode162
To find out more and try Redseal, please visit: https://securityweekly.com/redseal
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Jeff and the crew discuss What is Risk-Based Security? How does compliance and/or security programs/points-of-view help or hinder risk-based security efforts? How can we change this? In the Security & Compliance News, Back to the basics What is the cost of non-PCI Compliance?, Endpoint Security the Foundation to Cybersecurity, Facebook settles data breach class-action lawsuit, CCPA cited in Hanna Andersson/Salesforce breach lawsuit, and Hanna Andersson Notice of Data Breach to Consumers!
Show Notes: https://wiki.securityweekly.com/SCWEpisode17
Visit https://www.securityweekly.com/scw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
The CIA spying? NASA could have used a USB charger? Election technology not very secure? ICS is a threat and the return of the Equifax monster from beyond the grave!
Show Notes: https://wiki.securityweekly.com/SWNEpisode11
Visit https://www.securityweekly.com/swn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
In a year that was all about data and privacy, it seems only fitting that we closed out 2019 in the shadow of a jumbo data leak where more than a billion records were found exposed on a single server.
Despite this being one of the largest data exposures from a single source in history, it didn’t cause nearly the public uproar that one might expect from a leak involving personal information such as names, email addresses, phone numbers, LinkedIn and Facebook profiles. Instead, this quickly became yet another case of consumer information being mishandled, impacting many of the same consumers that have been burned several times already by companies they trusted.
What’s different about this leak – and what should have given consumers and businesses alike pause – is the way in which this case highlights a more complex problem with data that exists today.
There’s no question that data is a very valuable asset. Organizations have done a great job figuring out how to capture consumer data over the last decade and are now beginning to use and monetize it. The problem is, that data can also be used in many different ways to inflict serious pain on victims in their personal and business lives. So, when that data goes through someone’s hands (business or individual), how much responsibility do they – and those up the lifecycle chain – have for where it ends up?
Beginning at the consumer level, users can opt out of sharing data and should do so at any chance they get if they are concerned about having their information exposed. The good news is that new regulations like the GDPR and CCPA are making this easier to do retroactively than ever before. The challenge is that the system isn’t perfect. Aliases and other databases can still be difficult to opt out of because although they may have information captured, errors like misspellings can prevent consumers from getting to their own data.
With this particular incident, we also caught a glimpse of the role that data enrichment, aggregators and brokers play in security. Although it didn’t come directly from their own servers, the exposed data was likely tied to enrichment firms People Data Labs (PDL) and OxyData. While several data brokers today are taking more responsibility and offering security and privacy education to their customers, it was alarming to see that neither data broker in this case could rule out the possibility that their data was mishandled by a customer. In fact, rather than pushing for a solution, Oxydata seemed to shirk responsibility entirely when speaking with WIRED.
Data brokers need to own up to this challenge and look at better screening of their customers to ensure their use of data has valid purposes. A case study by James Pavur, DPhil student at Oxford University, underscored these failings in the system when he used GDPR Subject Access Requests to obtain his data from about 20 companies, many of which didn't ask for sufficient ID before sharing the information. He went on to try and get as much data as possible about his fiancée, finding he could access a range of sensitive data, including everything from addresses and credit card numbers to travel itineraries. None of this should be possible with proper scredaening in place.
Ultimately, whoever owns the server where the leak originated is the one that will be held legally and fiscally responsible. But should data brokers be emulating the shared responsibility model in use by cloud services like AWS? Either way, by understanding the lifecycle of data and taking additional responsibility upstream, we can begin to cut down on the negative impact when exposures like this inevitably occur.
About the author: Jason Bevis is the vice president of Awake Security Labs at Awake Security. He has extensive experience in professional services, cybersecurity MDR solutions, incident response, risk management and automation products.
Copyright 2010 Respective Author at Infosec Island
Social media has come a long way in a short space of time. In a little over a decade, it’s grown from being the preserve of a relatively small group of online enthusiasts to one of the defining trends of 21st century life. As the undisputed global leader in this field, Facebook now boasts nearly 1.7 billion daily active users.
Not only do we share personal and global news, photos and videos with each other every day on the site, we also log-in to our favorite third-party websites and apps via Facebook to shop, chat, play games and much more. In short, social media makes life more fun, more social, and more connected.
But at the same time, our digital lives have become more complicated. Sometimes we share without realizing the significance of the data we’re showing others — including strangers, trolls and maybe even fraudsters. Sometimes we sign-up for third-party apps/services that take advantage of small print agreements to sell our data on to others — possibly for uses we did not want. And often, the websites we visit independently of Facebook send data on our browsing behavior back to the social network without our knowledge.
Some of us view this kind of tracking as the price we pay for free internet services, and welcome the improved personalization it enables. But others may feel creeped out that their family’s every click and swipe is being silently monitored, logged, and shared.
Time for action
The good news is that Facebook has been listening (to some extent!) to regulators and consumers, and has started the new year by offering users more tools to shine a light on where and how their data is being used, and how they can protect their privacy. But we’re talking here about a platform that has been growing non-stop for the past 15 years. Complexity is everywhere, and it’s not always easy to find the tools you need to enhance your privacy on the site.
That’s why we’ve put together this short guide. It’ll teach you where your privacy is most at risk on Facebook, and what you can do to manage these risks, including an assist by Trend Micro’s own Privacy Scanner tool.
Why should I be worried?
Although social media offers much to enrich and improve our lives, there are multiple levels of privacy risk involved in using it. For many of us, the stakes have risen almost silently in the background over the past few years. We can split these into three basic areas:
Oversharing: At a very basic level Facebook allows you to share news, pictures, stories and more with the world. But would you want your boss, prospective employer, law enforcement, credit agencies and other users to see every little thing about you? Yes, they increasingly use Facebook as a source of intelligence gathering, so you may want to limit who can view your information to just those in your friendship network.
Among the most prodigious collectors and monetizers of our private data are cyber-criminals. A Facebook account is a trove of sensitive personal information: everything from email addresses and phone numbers to partners and political preferences. It could all be leveraged to commit identity fraud or craft convincing phishing emails which trick you into giving away even more details. Something as innocuous as a photo of a family pet could provide hackers with some useful intel for guessing your online passwords. Or what about a real-time update from the beach? It might be all an opportunistic burglar needs to raid your home.
Third-party apps and websites: One of the most controversial aspects of data collection and use on Facebook relates to partner sites and services. Often, users sign-up for these apps without being fully aware of how their data will be used, or even what profile data the app may be gaining permission to harvest. It was data on 87 million Facebook users and their friends collected by a popular third-party personality test app that ended up being sold to Cambridge Analytica. It was then controversially used to target US voters ahead of the last Presidential election.
Following a huge FTC fine, Facebook is now more rigorous in ensuring third-party developers comply with its privacy and data use policies. But some users may still balk at their private data being sold on to third parties.
Other Off-Facebook activity: Apps and websites that you log into with your Facebook ID technically count as “off-Facebook activity”: that is, stuff that happens outside of the social site. But there’s more. Did you know, for example, that Facebook collects data from a huge number of additional sites and apps that aren’t obviously connected to the platform?
It uses code embedded on these sites to track what you do there, in order to make advertising on Facebook more targeted and personalized. So accurate and covert is this technology that it has given rise to a conspiracy theory that Facebook is somehow listening in to its users’ phone calls. It’s not. Users simply don’t know that, when they visit many sites and apps on the web, those same sites are secretly sending data back to Facebook, which then serves up relevant ads. Just bought Season One of your favorite show on a streaming app? You may get an ad for Season Two when you next visit your Facebook account.
Some people may be fine with this trade-off: privacy for a more tailored user experience. But many others may not. It’s one thing monitoring what you bought off an e-commerce site, quite another to track who you swiped left on when you were last on a dating site.
How can I manage my privacy better?
Fortunately, Facebook provides tools to help you to manage your privacy. Let’s go through some of them, from the newest to the oldest.
Off-Facebook
Facebook has just released a way of checking which sites/apps track and send data on your web usage back to the social network, clearing your data sharing history with them, and disconnecting for the future.
There are some caveats. Disconnecting in this way will log you out of any apps/sites you used Facebook to log into. In addition, it will not stop Facebook serving you advertising — you’ll get the same number of ads, except these won’t be as personalized as before. Facebook will also continue to receive information about your interactions on various sites, but this will be anonymized. |
|
Particular apps, games and websites
You can also directly edit the privacy and settings of particular apps, games and websites you’ve logged into with your Facebook account.
|
|
Basic privacy settings
Facebook has also overhauled its most basic privacy settings. Its Privacy Checkup tool features four distinct sections.
|
|
How Trend Micro can help
An easier option for managing your basic privacy on Facebook is the Trend Micro Privacy Scanner, which is available within Trend Micro Security on Windows and Mac, and within Mobile Security on Android and iOS. It automates the process of finding and fixing any potentially risky settings to keep your personal data safe from prying eyes.
It’s turned on by default in Trend Micro Internet and Maximum Security, as well as in Mobile Security.
|
|
Facebook is getting better at privacy, but its controls can be hard to find, and functionality is constantly being updated. That’s why we recommend a privacy audit every few months. Check in with your Facebook Privacy settings directly or via the Privacy Scanner to make sure you’re not leaking personal data. Privacy is subjective, but we’re all getting more critical about how big corporations use our data — and that’s not a bad thing.
Go here for more information on Trend Micro Security and Trend Micro Mobile Security.
The post How to Manage Your Privacy On and Off Facebook appeared first on .
This week, Mike and John interview Shaun Lamb about strategies for how to best design applications so they are "secure by default" and have fewer incidents and vulnerabilities, and more! In the Application Security News, Dropbox bug bounty program has paid out over $1,000,000, Report Pins Cloud Security Woes on Flawed DevOps Processes, Ghost in the shell: Investigating web shell attacks, An Incident Impacting your Account Identity, and more!
Show Notes: https://wiki.securityweekly.com/ASWEpisode95
Visit https://www.securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Doug White gives you the latest updates across all of Security Weekly's shows, from malware to hacking air-gapped computers, Ashley Madison, Katelyn Bowden and the BADASSARMY, Security Through Obscurity in Iowa, and highlights from the show notes from the week of February 2, 2020!
Show Notes: https://wiki.securityweekly.com/SWNEpisode10
Visit https://www.securityweekly.com/swn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Katelyn Bowden, CEO of BADASS, (Battling Against Demeaning and Abusive Selfie Sharing), to talk about her journey, and how she started BADASS! In our second segment, we present you with a Technical Segment to talk about Adventures in AWS Computing! In the Security News, Google shares private videos with the wrong users, how to get hacked through a Philips Hue smart hub, Buggy Iowa Caucus App is actually Buggy? No way!, how US cities have handled their fight against cybercrime attacks, and how someone sabotaged their boss with ransomware from the dark web!
Show Notes: https://wiki.securityweekly.com/PSWEpisode638
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, in the Enterprise Security News, Preempt Security Becomes First in Industry to do Real-Time Threat Detection for Encrypted Authentication Protocol Traffic, Actionable Searching and Data Download with Vulnerability Management Dashboards, Companies and employees embrace BYOD but with compliance and risk challenges! In our second segment, we interview Wilson Bautista, Founder of Jun Cyber, to talk about leadership, DevOps and Security working together to provide security for the business! In our final segment, we welcomeMalcolm Harkins, Chief Security & Trust Officer at Cymatic, to discuss the security profits from the insecurity of computing thus at a macro economic level has no real economic incentive to solve many of the risk issues we face!
Show Notes: https://wiki.securityweekly.com/ESWEpisode171
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, read about Trend Micro Zero Day Initiative’s $1.5 million in awards and other noteworthy milestones in 2019. Also, learn about a crafty malware that makes you retype your passwords so it can steal them for credit card information and other personal data.
Read on:
Four Reasons Your Cloud Security is Keeping You Up at Night
Organizations are migrating to the cloud for speed, agility, scalability, and cost-efficiency – but they have realized that it demands equally powerful security management. As the cloud continues to attract more businesses, security teams are spending sleepless nights securing the infrastructure. We can reduce the number of security issues affecting cloud infrastructure; however, we must first conquer the possible reasons for security vulnerabilities.
Trend Micro and Baker Hughes Collaborate to Help Deliver Protection for Critical Infrastructure
Trend Micro announced this week that it will collaborate with Baker Hughes’ Nexus Controls operational technology (OT) security experts through a strategic framework agreement, signed in late 2019. Together the companies aim to provide comprehensive, industry leading guidance and support for enterprises running critical OT environments.
Trend Micro recently discovered several malicious optimizer, booster and utility apps (detected as AndroidOS_BadBooster.HRX) on Google Play. The apps can access remote ad configuration servers that can be used for malicious purposes, perform mobile ad fraud, and download as many as 3,000 malware variants or malicious payloads on affected devices.
Zero Day Initiative Bug Hunters Rake in $1.5M in 2019
Zero Day Initiative, a division of Trend Micro, awarded more than $1.5 million in cash and prizes to bug-hunters throughout 2019, resulting in 1,035 security vulnerability advisories for the year. Most of those advisories (88 percent) were published in conjunction with a patch from the vendor.
ICS in VUCA: Insights from the World‘s Biggest ICS Security Event – S4
Many sessions at this year’s S4 discussed strengthening leadership. The environment surrounding the ICS community is filled with volatility, uncertainty, complexity and ambiguity (VUCA), and it requires strong leadership to drive changes. In this blog, read about the key takeaways coming out of the world’s leading ICS security event, S4.
This Crafty Malware Makes You Retype Your Passwords So It Can Steal Them
A trojan malware campaign is targeting online banking users around the world with the aim of stealing credit card information, finances and other personal details. Detailed by researchers at Fortinet, the Metamorfo banking trojan has targeted users of over 20 online banks in countries around the world including the US, Canada, Peru, Chile, Spain, Brazil, Ecuador and Mexico.
SORA and UNSTABLE: 2 Mirai Variants Target Video Surveillance Storage Systems
Trend Micro researchers encountered two variants of the notorious internet of things (IoT) malware, Mirai, employing a new propagation method. The two variants, namely SORA (detected as IoT.Linux.MIRAI.DLEU) and UNSTABLE (detected as IoT.Linux.MIRAI.DLEV), gain entry through Rasilient PixelStor5000 video surveillance storage systems by exploiting CVE-2020-6756.
Vulnerability in WhatsApp Desktop Exposed User Files
Facebook has patched a vulnerability in WhatsApp Desktop that could allow an attacker to launch cross-site scripting (XSS) attacks and access files from the victim’s system when paired with WhatsApp for iPhone. The vulnerability was discovered by PerimeterX security researcher Gal Weizman, who found he could bypass WhatsApp’s CSP to execute code on a target system using maliciously crafted messages.
Ryuk Ransomware Infects US Government Contractor
The internal system of U.S. government contractor Electronic Warfare Associates (EWA) was infected with Ryuk ransomware last week, ZDNet reported. EWA is a contractor that supplies electronic equipment and services to the Department of Defense (DOD), the Department of Homeland Security (DHS), and the Department of Justice (DOJ).
New Lemon Duck Malware Campaign Targets IoT, Large Manufacturers
Printers, smart TVs and automated guided vehicles that depend on Windows 7 have become the latest targets for cybercriminals leveraging a “self-spreading” variant of the malware Lemon Duck. In a report released Wednesday by TrapX Security, researchers warn manufacturers dependent on IoT devices are targets in a new global campaign leveraging the malware variant.
New Extortion Campaign Threatens Victims of the 2015 Ashley Madison Breach
A new extortion campaign is targeting victims of the Ashley Madison data breach that happened five years ago, Vade Secure reports. Avid Life Media — the company behind the site — was hacked in 2015 by a group known as Impact Team. The actors behind this new campaign tell victims that they will publicize proof of their profile as well as other “embarrassing” activities and demand bitcoins as payment.
Emotet Uses Coronavirus Scare in Latest Campaign, Targets Japan
Threat actors behind the Emotet malware used the novel coronavirus (2019-nCoV) scare as a hook for their spam email campaign against targets in Japan. IBM X-Force reported that the coronavirus spam emails were disguised as official notifications sent by a disability welfare provider and public health centers. The email content warns recipients about the rapid spread of the virus and instructs them to download an attached notice that allegedly contains preventive measures.
Researchers Use Smart Light Bulbs to Infiltrate Networks
Researchers successfully infiltrated networks through a vulnerability in Philips Hue light bulbs. The CVE-2020-6007 vulnerability, which involves the Zigbee communication protocol, can be abused to remotely install malicious firmware in smart light bulbs and spread malware to other internet-of-things (IoT) devices.
What was your biggest takeaway from the S4 ICS security conference this year? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.
The post This Week in Security News: ZDI Bug Hunters Rake in $1.5M in 2019 and Metamorfo Trojan Malware Campaign Targets Online Banking Users appeared first on .
This week, we welcome David Starobinksi, Professor, Department of Electrical and Computer Engineering at Boston University, to discuss the changes in network communications in both the wireless and IoT world! In the Leadership and Communications segment, 9 Quotes By NBA Legend Kobe Bryant That Might Impact Our Lives Forever, How to Build Trust with Business Partners from Other Cultures, and For zero trust to work, machines and humans require identities, and more!
Show Notes: https://wiki.securityweekly.com/BSWEpisode161
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Chris Roberts, CSS of Attivo Networks! You are hedging your bets, hoping that someone else gets breached first, don't believe it's as big as an issue as people make out, keeping your insurance companies happy, telling your board "we're ok" and, basically avoiding looking in the mirror. We interview Chris Roberts to talk about bridging the gap in the learning process that companies only follow when they are breached!
Show Notes: https://wiki.securityweekly.com/SCWEpisode16
Visit https://www.securityweekly.com/scw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Everyone wins in Iowa, Twitter has conspiracy theories? No way! Hackers steal billions and don't get caught, Iowa Election Apps secured by "obscurity", and the top 24 passwords found on the Dark Web. In the Expert Commentary, we welcome back Jason Wood, to talk about a New Iranian Campaign Tailored to US Companies Utilizes an Updated Toolset!
Show Notes: https://wiki.securityweekly.com/SWNEpisode9
Visit https://www.securityweekly.com/swn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
We are excited to introduce guest posts from our newest Trenders from Cloud Conformity, now Trend Micro Cloud One – Conformity. More insights will be shared from this talented team to help you be confident and in control of the security of your cloud environments!
Why your cloud security is keeping you up at night
We are all moving to the cloud for speed, agility, scalability, and cost-efficiency and have realized that it demands equally powerful security management. As the cloud keeps on attracting more businesses, security teams are spending sleepless nights securing the infrastructure.
Somewhere, a cyber con artist has a target set on you and is patiently waiting to infiltrate your security. Managing your security posture is as critical as wearing sunscreen even if the sun is hiding behind a cloud. You may not feel the heat instantly, but it definitely leaves a rash for you to discover later.
Analyzing the volume of issues across the global Trend Micro Cloud One – Conformity customer base clearly shows that ‘Security’ is the most challenging area within AWS infrastructure.
According to an internal study in June 2019, more than 50% of issues belonged to the ‘Security’ category.
We can definitely reduce the number of security issues affecting cloud infrastructure, but first need to conquer the possible reasons for security vulnerabilities.
1. Not scanning your accounts regularly enough
If you deploy services and resources multiple times a day, you must continuously scan all your environments and instances at regular intervals. Tools like Conformity Bot scans your accounts against 530 rules across five pillars of the Well-Architected Framework to help you identify potential security risks and prioritize them. You can even set up the frequency of scans or run them manually as required.
2. Not investing in preventative measures
Seemingly harmless misconfigurations can cause enormous damage that can rapidly scale up and result in a security breach. You can prevent potential security risks from entering live environments by investing some time in scanning your staging or test accounts before launching any resources or services. You can use a Template Scanner to scan your account settings against CloudFormation Template and identify any security and compliance issues before deployment.
3. Not monitoring real-time activity
Catastrophes don’t wait! It may take a few minutes before someone barges into your cloud infrastructure while you are away on the weekend. You need to watch activity in real-time to act on threats without delay. A tool such as Real-Time Monitoring Add-on tracks your account’s activity in real time and triggers alerts for suspicious activity based on set configurations. For example, you can set up alerts to monitor account activity from a specific country or region.
4. Not communicating risks in a timely manner
The information trickling from your monitoring controls is fruitless until you get the right people to act quickly. One of the best practices to maintain smooth security operations is to merge the flow of security activity and events into information channels. Conformity allows you to integrate your AWS accounts with communication channels, for example Jira, email, SMS, Slack, PagerDuty, Zendesk, ServiceNow ITSM, and Amazon SNS. Moreover, configuring communication triggers sends notifications and alerts to set teams through the selected channels.
AWS provides you with the services and resources to host your apps and infrastructure, but remember – Security is a shared responsibility in which you must take an active role.
See how Trend Micro can support your part of the shared responsibility model for cloud security: https://www.trendmicro.com/cloudconformity.
Stay Safe!
The post Four Reasons Your Cloud Security Is Keeping You Up At Night appeared first on .
This week, Mike, John, and Matt review the presentation given by Clint Gilber at AppSec Cali, An Opinionated Guide to Scaling Your Company's Security! In the Application Security News, Xbox Bounty Program, Magento 2.3.4 Patches Critical Code Execution Vulnerabilities, Remote Cloud Execution - Critical Vulnerabilities in Azure Cloud Infrastructure, RCE in OpenSMTPD library impacts BSD and Linux distros, Fintechs divided on screen scraping ban, and Zero trust architecture design principles!
Show Notes: https://wiki.securityweekly.com/ASWEpisode94
Visit https://www.securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Gene Kim, Founder, Researcher, and Author of the Phoenix Project and The Unicorn Project, to talk about his goals and aspirations in The Unicorn Project, take a deep dive into the Five Ideals, and how DevOps will be a major player for decades to come! In our second segment, we welcome back Peter Smith, CEO, and Co-Founder of Edgewise, to talk about Stopping Python Backdoor Attacks, and how similar attacks have managed to evade traditional network security defenses and propagate inside their target environments! In the Security News, NHS alerted to severe vulns in GE health equipment, Ragnarok Ransomware targets Citrix ADC & disables Windows Defender, suspected Magecart hackers arrested in Indonesia, Wawa breach data was found for sale, and a mega-breach that exposed more than 250 million users!
Show Notes: https://wiki.securityweekly.com/PSWEpisode637
Visit https://www.securityweekly.com/psw for all the latest episodes!
To learn more about Edgewise, visit: https://securityweekly.com/edgewise
Visit https://securit Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
DEFCON is canceled from Coronavirus, Ragnarok Ransomware Runs Ragged Rapidly, Avast suddenly stops selling your data to third parties and shutters Jumpshot, Charges against Coalfire Red Team dropped in Dallas County, and 20 Board Members realize that Cybersecurity is more than just some guy named Ned in the Basement!
Show Notes: https://wiki.securityweekly.com/SWNEpisode8
Visit https://www.securityweekly.com/swn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, over two thousand WordPress sites were compromised using a malicious script that redirects visitors to scam websites. Also, read about how Facebook has agreed to pay $550 million to Illinois users to settle a class action lawsuit filed over the use of its face-tagging technology.
Read on:
Security Analysis of Devices that Support SCPI and VISA Protocols
The Standard Commands for Programmable Instruments (SCPI) protocol, now 30 years old, was initially designed for sensors communicating over serial lines to make adoption via different languages and hardware interfaces easier. Today, these devices are being exposed to the internet as more networks get connected, but they have never been designed for it and network administrators might not be aware that this is happening.
The Rich Are Different, but their Smartphones Aren’t
After Jeff Bezos’ phone was hacked, it raised the question of how high-profile people protect their cybersecurity. In this article, Mark Nunnikhoven, vice president of cloud research at Trend Micro, explains that the rich and famous can’t buy phones that are more secure than the average.
Malicious Script Plagues Over 2,000 WordPress Accounts, Redirects Visitors to Scam Sites
Besides leading visitors to scam websites, the malicious script can also gain unauthorized admin access to affected WordPress sites, allowing attackers to inject malware and apply modifications. Sucuri reported that the attackers gained access to the affected sites by exploiting plugins such as the vulnerable versions of the “CP Contact Form with PayPal” and the “Simple Fields” plugins.
Avast Winds Down Jumpshot, Cites User Data Sale Privacy Concerns
Avast is winding down its subsidiary Jumpshot following an explosive investigation into the sale of user data to third parties that may pose a risk to consumer privacy. The antivirus vendor said the unit will no longer have access to user information harvested from users of Avast products and services will eventually be fully terminated.
Unsecured AWS S3 Bucket Found Leaking Data of Over 30K Cannabis Dispensary Customers
An unsecured Amazon S3 bucket owned by cannabis retailer THSuite was found leaking the data of more than 30,000 individuals. Discovered by a vpnMentor research team during a large-scale web mapping project, the unsecured bucket exposed 85,000 files that included records with sensitive personally identifiable information (PII).
Facebook to Pay $550M to Settle Class Action Case Over Facial Recognition
Facebook has agreed to pay $550 million to Illinois users to settle a class action lawsuit filed over the use of its face-tagging technology to collect facial-recognition data on its social media platform. The suit stems from a class-action proceeding from Facebook users in Illinois over a feature called Tag Suggestions, which identifies Facebook users in photos based on biometric identification technology.
Google, Mozilla Crack Down on Malicious Extensions and Add-ons
The Google security team has temporarily disallowed the publishing or updating of paid extensions that use the Chrome Web Store payments due to an influx of fraudulent transactions performed via the extensions. Mozilla banned 197 suspicious Firefox add-ons that executed malicious code, ran codes from a remote server, stole user data, collected user search terms and obfuscated source code.
Microsoft Azure Flaws Could Have Let Hackers Take Over Cloud Servers
Cybersecurity researchers at Check Point disclosed details of two recently patched vulnerabilities in Microsoft Azure services that are potentially dangerous and, if exploited, could have allowed hackers to target several businesses that run their web and mobile apps on Azure.
3 Indonesian Hackers Arrested for Global Magecart Attacks, Other Members Still at Large
The International Criminal Police Organization (Interpol), together with the Indonesian National Police, recently publicized the arrest of three Indonesian men suspected of being behind intercontinental Magecart attacks. Known targets of this attack include online shops, hotel chains, advertising companies and even schools.
Inside the World’s Highest-Stakes Industrial Hacking Contest
Pwn2Own Miami, held at the S4 industrial control system security conference, has focused its participants’ skills for the first time exclusively on industrial control software (ICS). Every target is an application that touches physical machinery. The compromises could have catastrophic effects, from blackouts to life-threatening industrial accidents. In this article, read more about the inaugural Pwn2Own Miami competition.
Over 30 Million Stolen Credit Card Records Being Sold on the Dark Web
Cybercriminals were found selling more than 30 million credit card records on the dark web, purportedly from a data breach suffered by a U.S.-based gas station and convenience store chain last year. The breach was caused by a PoS malware attack and affected 860 convenience stores, of which 600 were also gas stations.
What are your thoughts on the class action lawsuit over Facebook’s facial recognition technology? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.
The post This Week in Security News: Over 2,000 WordPress Accounts Compromised and Facebook to Pay $550M to Settle Class Action Case Over Facial Recognition appeared first on .
This week, we talk Enterprise News, to talk about New Cisco and AppDynamics integration bridges IT and DevOps for app management, Citrix and FireEye Mandiant Launch Indicator of Compromise Scanner, Sophos Introduces Intercept X for Mobile, Optimizing Your IT Spend as You Move to the Cloud, and more! In our second segment, we will deliver a Technical Segment on Migrating Legacy Apps to the Cloud Pt. 1! In our final segment, we welcome Steven Bay, Director of Security Operations at Security On-Demand, to discuss Edward Snowden and the Insider Threat!
Show Notes: https://wiki.securityweekly.com/ESWEpisode170
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
The U.S. Securities and Exchange Commission (SEC) this week published a report detailing cybersecurity and operational resiliency practices that market participants have adopted.
The 10-page document (PDF) contains observations from the SEC's Office of Compliance Inspections and Examinations (OCIE) that are designed to help other organizations improve their cybersecurity stance.
OCIE examines SEC-registered organizations such as investment advisers, investment companies, broker-dealers, self-regulatory organizations, clearing agencies, transfer agents, and others.
Through its reviews, OCIE has observed approaches that some organizations have taken in areas such as governance and risk management, access rights and controls, data loss prevention, mobile security, incident response and resiliency, vendor management, and training and awareness.
Observed risk management and governance measures include senior level engagement, risk assessment, testing and monitoring, continuous evaluation and adapting to changes, and communication. Practices observed in the area of vendor management include establishing a program, understanding vendor relationships, and monitoring and testing.
Strategies related to access rights and controls that were observed include access management and access monitoring. Utilized data loss prevention measures include vulnerability scanning, perimeter security, patch management, encryption and network segmentation, and insider threat monitoring, among others.
In terms of mobile security, organizations adopted mobile device management (MDM) applications or similar technology, implemented security measures, and trained employees. Strategies for incident response include inventorying core business operations and systems, and assessing risk and prioritizing business operation.
By sharing these observations, SEC hopes to determine organizations to review their practices, policies and procedures and assess their level of preparedness.
The presented measures should help any organization become more secure, OCIE says, admitting that “there is no such thing as a “one-size fits all” approach.” In fact, it also points out that not all of these practices may be appropriate for all organizations.
“Through risk-targeted examinations in all five examination program areas, OCIE has observed a number of practices used to manage and combat cyber risk and to build operational resiliency. We felt it was critical to share these observations in order to allow organizations the opportunity to reflect on their own cybersecurity practices,” Peter Driscoll, Director of OCIE, said.
Related: Cyber Best Practices Requires a Security-First Approach
Related: Best Practices for Evaluating and Vetting Third Parties
Related: Perception vs. Reality in Federal Government Security Practices
Copyright 2010 Respective Author at Infosec IslandThis week, Jeff, Scott, Josh, and Matt talk about Cyber Insurance! They'll dive into some topics such as Relationship and dilution of responsibility between brokers, underwriters, and reinsurance companies, Cost of Cyber Insurance, and much more! In the Security and Compliance News, Dallas County Acquires Cyber Insurance through ICAP, Ransomware Claims Driving Up Cyber Insurance Costs, Cowbell Cyber Demystifies Cyber Insurance with Cowbell Prime 100, The Cold Truth About Your Cyber Insurance, and more!
Show Notes: https://wiki.securityweekly.com/SCWEpisode15
Visit https://www.securityweekly.com/scw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Michael Figueroa, Independent Executive Security Advisor, to discuss the challenges of CISOs and the differences between large enterprises and small businesses! In the Leadership and Communications segment, Board members find cybersecurity risk an existential threat, When Community Becomes Your Competitive Advantage, The Little Things That Make Employees Feel Appreciated, Don't Stay in Your Lane: The Secret to Developing Your Career, and more!
Like us on Facebook: https://www.facebook.com/secweekly
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, How all vehicles are on the road to being hackable, Misinformation on the internet regarding the Corona virus? No way!, Jersey police are barred from using Clearview, CDC report on the Coronavirus, and Coveware reports said that ransomware payments increased over 100% in Q4 of 2019! In the Expert Commentary, we welcome Jason Wood of Paladin Security, to talk about how Leaked Documents Expose the Secretive Market for Your Web Browsing Data!
Show Notes: https://wiki.securityweekly.com/SWNEpisode7
Visit https://www.securityweekly.com/swn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome John Butler, Solutions Engineer at Guardsquare, to discuss Dynamically Protecting Mobile Applications with RASP! In the Application Security News, Insecure configurations expose GE Healthcare devices to attacks demonstrate more simple flaws with high impacts, NSA Offers Guidance on Mitigating Cloud Vulnerabilities, Enumerating Docker Registries with go-pillage-registries for pentesters searching for useful information, and more!
Like us on Facebook: https://www.facebook.com/secweekly
To request a demo with Guardsquare, please visit: https://securityweekly.com/guardsquare
Visit https://www.securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Dug Song, Co-Founder and General Manager of Duo Security at Cisco, to discuss the vision and culture behind Duo Security, and talk about his journey from when he began his start in Information Security! In our second segment, we welcome Mike Godwin, Distinguished Senior Fellow at R Street Institute, to talk about Digital Rights and Privacy! In the Security News, Microsoft Security Shocker As 250 Million Customer Records Exposed Online, the NSA Offers Guidance on Mitigating Cloud Flaws, Multiple Vulnerabilities Found in AMD ATI Radeon Graphics Cards, Brazil prosecutes Glenn Greenwald in an attack on press freedom, and Cybersecurity Lessons Learned from 'The Rise of Skywalker'!
Show Notes: https://wiki.securityweekly.com/PSWEpisode636
Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Doug White brings the Security Weekly News update for the week of January 20, 2020, to discuss the top news stories of the week, across all of the Security Weekly Network shows!
Show Notes: https://wiki.securityweekly.com/SWNEpisode6
Visit https://www.securityweekly.com/swn for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, dive into a research study that explores the risks associated with common cybersecurity vulnerabilities in a factory setting. Also, read about how misconfigured Microsoft cloud databases containing 14 years of customer support logs exposed 250 million records.
Read on:
Last week, Microsoft announced vulnerability CVE-2020-0601 and has already released a patch to protect against any exploits stemming from the vulnerability. Understanding how difficult it can be to patch systems in a timely manner, Trend Micro created a valuable tool that will test endpoints to determine if they have been patched against this latest threat or if they are still vulnerable.
Malicious hackers are targeting factories and industrial environments with a wide variety of malware and cyberattacks including ransomware and cryptocurrency miners. All of these incidents were spotted by researchers at Trend Micro who built a honeypot that mimicked the environment of a real factory. The fake factory featured some common cybersecurity vulnerabilities to make it appealing for hackers to discover and target.
Defend Yourself Now and In the Future Against Mobile Malware
Recently, 42 apps were removed from the Google Play Store after being installed eight million times over the period of a year, flooding victims’ screens with unwanted advertising. Trend Micro blocked more than 86 million mobile threats in 2018, and that number is expected to continue to increase. To learn how to protect your mobile device from hackers, read this blog from Trend Micro.
Trend Micro Joins LOT Network to Fight ‘Patent Trolls’
Trend Micro announced this week that it has joined non-profit community LOT Network in a bid to combat the growing threat posed to its business and its customers by patent assertion entities (PAEs). The community now has more than 500 members, including some of the world’s biggest tech companies such as Amazon, Facebook, Google, Microsoft and Cisco.
Blocking A CurveBall: PoCs Out for Critical Microsoft-NSA Bug CVE-2020-0601
Security researchers have released proof-of-concept (PoC) codes for exploiting CVE-2020-0601, a bug that the National Security Agency (NSA) reported. The vulnerability affects Windows operating systems’ CryptoAPI’s validation of Elliptic Curve Cryptography (ECC) certificates and Public Key Infrastructure (PKI) trust. Enterprises and users are advised to patch their systems immediately to prevent attacks that exploit this security flaw.
Microsoft Leaves 250M Customer Service Records Open to the Web
Misconfigured Microsoft cloud databases containing 14 years of customer support logs exposed 250 million records to the open internet for 25 days. The account information dates back as far as 2005 and as recent as December 2019 and exposes Microsoft customers to phishing and tech scams. Microsoft said it is in the process of notifying affected customers.
Microsoft Releases Advisory on Zero-Day Vulnerability CVE-2020-0674, Workaround Provided
On January 17, Microsoft published an advisory (ADV200001) warning users about CVE-2020-0674, a remote code execution (RCE) vulnerability involving Microsoft’s Internet Explorer (IE) web browser. A patch has not yet been released as of the time of writing — however, Microsoft has acknowledged that it is aware of limited targeted attacks exploiting the flaw.
Google to Apple: Safari’s Privacy Feature Actually Opens iPhone Users to Tracking
Researchers from Google’s Information Security Engineering team have detailed several security issues in the design of Apple’s Safari anti-tracking system, Intelligent Tracking Prevention (ITP). ITP is designed to restrict cookies and is Apple’s answer to online marketers that track users across websites. However, Google researchers argue in a new paper that ITP leaks Safari users’ web browsing habits.
Hacker Publishes Credentials for Over 515,000 Servers, Routers, and IoT Devices
A hacker has published the credentials of over 515,000 servers, routers, and IoT devices on a well-known hacking website. ZDNet reported that the list consists of IP addresses and the usernames and passwords used by each for unlocking Telnet services, the port that allows these devices to be controlled through the internet.
Pwn2Own Miami Contestants Haul in $180K for Hacking ICS Equipment
The first Pwn2Own hacking competition that exclusively focuses on industrial control systems (ICS) has kicked off in Miami. So far, a total of $180,000 has been awarded for pwning five different products. The contest hosts at Trend Micro’s Zero Day initiative (ZDI) have allocated more than $250,000 in cash and prizes for the contest, which is testing eight targets across five categories.
Sextortion Scheme Claims Use of Home Cameras, Demands Bitcoin or Gift Card Payment
A new sextortion scheme has been found preying on victims’ fears through social engineering and follows in the footsteps of recent sextortion schemes demanding payment in bitcoin. Security researchers at Mimecast observed the scheme during the first week of the year. The scheme reportedly sent a total of 1,687 emails on Jan. 2 and 3, mostly to U.S. email account holders.
NetWire RAT Hidden in IMG Files Deployed in BEC Campaign
A recent business email compromise (BEC) campaign, purportedly coming from a small number of scammers in Germany, targets organizations by sending them emails with IMG file attachments hiding a NetWire remote access trojan (RAT). The campaign was discovered by IBM X-Force security researchers and involves sending an employee of the targeted organization an email masquerading as a corporate request.
What are your thoughts on the results of Trend Micro’s factory honeypot study? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.
The post This Week in Security News: Trend Micro Creates Factory Honeypot to Trap Malicious Attackers and Microsoft Leaves 250M Customer Service Records Open to the Web appeared first on .
This week, we talk Enterprise News, to talk about Security Compass securing funding to enhance solutions portfolio and accelerate growth, Micropatch simulates workaround for recent zero-day IE flaw, New Kaspersky Sandbox automates protection from advanced threats, FireEye adds Cloudvisory to its stable, and some funding and acquisition updates from ServiceNow, Sysdig, Waterfall Security Solutions, and more! In our second segment, we welcome Alex Horan, Director of Product Management of Onapsis, and JP Perez, CTO of Onapsis, to discuss SAP Vulnerability and the current state as it relates to SAAP Vulns and Security! In our final segment, we welcome Robert Siciliano, Security Awareness Expert, to discuss Security Awareness: Empowering employees to care about security through security appreciation training!
Show Notes: https://wiki.securityweekly.com/ESWEpisode169
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
FreshRSS 