Login
This week, we're going to look back on our favorite episodes of the first year, reflect on how we are doing, solicit feedback from listeners, look ahead to the future/coming year - what to expect! In our second segment, the crew discusses Ransomware Attacks!
Β
Show Notes: https://wiki.securityweekly.com/scw46
Visit https://www.securityweekly.com/scw for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Parham Eftekhari, SVP & Executive Director of Cybersecurity Collaborative, to discuss The Power of True Peer-to-Peer Collaboration! In the Leadership and Communications section, What it takes to be a transformational CISO, Put Your Metrics Where Your Mouth Is, 5 Simple Ways to Make Better Decisions, and more!
Β
Show Notes: https://securityweekly.com/bsw190
Visit https://www.securityweekly.com/bsw for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Dr. Doug talks John McAfee in trouble again, Tenda routers, Egregor, Someone is going after Trickbot, the OFAC may come after you for paying ransoms, Maxwell's Demon, the second law of thermodynamics, and Jason Wood joins for Expert Commentary on Ransomware Victims That Pay Up Could Incur Steep Fines from Uncle Sam!
Β
Show Notes: https://securityweekly.com/swn71
Visit https://www.securityweekly.com/swn for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, we welcome Chris Romeo, CEO at Security Journey, to discuss Things Every Developer Should Know About Security! In the Application Security News, DOMOS 5.8 - OS Command Injection, 4G, 5G networks could be vulnerable to exploit due to βmishmashβ of old technologies, Google sets up research grant for finding bugs in browser JavaScript engines, Announcing the launch of the Android Partner Vulnerability Initiative, and more!
Β
Show Notes: https://wiki.securityweekly.com/asw124
Visit https://www.securityweekly.com/asw for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Today, we will be continuing with our exploration of Hack the Box (HTB) machines, as seen in previous articles. This walkthrough is the first half of an HTB machine named Cascade. HTB is an excellent platform that hosts machines belonging to multiple OSes. It also has some other challenges as well. Individuals have to solve [β¦]
The post Hack the Box (HTB) machines walkthrough series β Cascade (Part 1) appeared first on Infosec Resources.
Introduction The global COVID-19 pandemic has forced individuals and organizations to adopt new ways of doing daily tasks, from working to learning. It has also accelerated the journey to the cloud for many organizations; for others, it has made them more reliant on the cloud. With that move comes a demand for professionals with cloud [β¦]
The post Microsoft Azure Certification: Overview And Career Path appeared first on Infosec Resources.
Introduction In modern networks, security is not an afterthought. You need to know how to build secure networks from the outset. Security has to be woven into the very fabric of the network.Β The 200-301 CCNA exam covers security fundamentals among a broad range of networking topics. This article describes what you need to know [β¦]
The post CCNA certification prep: Security fundamentals appeared first on Infosec Resources.
This week, in our first segment, Paul will take you through his process for creating a docker container for running NGINX as an RTMP proxy for streaming video to multiple services; complete with SSL and authentication! In our second segment, we welcome Chris Sanders, Founder of the Applied Network Defense & Rural Technology Fund, to talk about Intrusion Detection Honeypots! In the Security News, Rumored Windows XP Source Code Leaked Online, Hospitals hit by countrywide ransomware attack, China-linked 'BlackTech' hackers start targeting U.S, a 13-year-old student was arrested for hacking school computers, Who caused the 14 state Monday 911 outage, and A Return to 'Hackers' Is "Being Actively Considered," Says Director!
Β
Show Notes: https://wiki.securityweekly.com/psw668
Visit https://www.securityweekly.com/psw for all the latest episodes!
Β
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
This week, Dr. Doug talks about The debate (no politics), Microsoft & 911 (& more Microsoft), Pinchy Spider, Twitch debates, and Emotet!
Β
Show Notes: https://securityweekly.com/swn70
Visit https://www.securityweekly.com/swn for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how an adware family known primarily for distributing browser hijackers, Linkury, has been caught distributing malware. Also, read about a newly uncovered strain of the Glupteba trojan.
Β
Read on:
Cross-Platform Modular Glupteba Malware Uses ManageX
Trend Micro recently encountered a variant of the Glupteba trojan and reported its attacks on MikroTik routers and updates on its command and control (C&C) servers. The use of ManageX, a type of modular adware that Trend Micro has recently analyzed, is notable in this newly uncovered strain as it aims to emphasize the modularity and the cross-platform features of Glupteba as seen through its code analysis.
Phishing Attack Targets Microsoft 365 Users with Netflix & Amazon Lures
Security researchers have been tracking a phishing campaign that abuses Microsoft Office 365 third-party application access to obtain specific resources from victimsβ accounts. The attacker, dubbed TA2552, mostly uses Spanish-language lures and a narrow range of themes and brands. These attacks have targeted organizations with a global presence but seem to choose victims who likely speak Spanish, according to a report from Proofpoint researchers.
New Report Suggests the Bug Bounty Business is Recession-Proof
A new report from HackerOne presents data suggesting that the bug bounty business might be recession-proof, citing increases in hacker registrations, monthly vulnerability disclosures and payouts during a pandemic-induced economic downturn. Brian Gorenc, senior director of vulnerability research and director of Trend Microβs Zero Day Initiative program, shared that heβs seen bug bounty activity increase with ZDI publishing 1,045 vulnerability advisories in all of 2019 and 1,235 already in 2020.
Identity Fraud: How to Protect Your Identity Data, Accounts and Money During the Coronavirus Crisis
Weβve all been spending more time online since the pandemic hit, and as a result weβre sharing more personal and financial information online with each other and with organizations. Unfortunately, as ever, there are bad guys around every digital corner looking for this. Personally identifiable information (PII) is the currency of internet crime, and cyber-criminals will do whatever they can to get it.
Linkury Adware Caught Distributing Full-Blown Malware
An adware family known primarily for distributing browser hijackers has been caught distributing malware, security researchers said at the Virus Bulletin 2020 security conference. Its main method of distribution is the SafeFinder widget, a browser extension ironically advertised as a way to perform safe searches on the internet. K7 researchers say that in recent cases they analyzed, the SafeFinder widget has now also begun installing legitimate malware, such as the Socelars and Kpot infostealer trojans.
Chinese APT Group Targets Media, Finance, and Electronics Sectors
Cybersecurity researchers have uncovered a new espionage campaign targeting media, construction, engineering, electronics, and finance sectors in Japan, Taiwan, the U.S. and China. Linking the attacks to Palmerworm (aka BlackTech), likely a China-based advanced persistent threat (APT), the first wave of activity associated with this campaign began last year in August 2019.
InterPlanetary Storm Botnet Infects 13K Mac, Android Devices
A new variant of the InterPlanetary Storm malware has been discovered, which comes with fresh detection-evasion tactics and now targets Mac and Android devices (in addition to Windows and Linux, which were targeted by previous variants of the malware). Researchers say the malware is building a botnet with a current estimated 13,500 infected machines across 84 countries worldwide β and that number continues to grow.
More Americans Share Social Security, Financial and Medical Information than Before the Pandemic
A new survey has shown that consumer willingness to share more sensitive data β social security numbers, financial information and medical information β is greater in 2020 than in both 2018 and 2019. According to the NYC-based scientific research foundation ARFβs (Advertising Research Foundation) third annual privacy study, contact tracing is considered a key weapon in the fight against COVID-19.
Do you feel like you are more willing to share sensitive information online since the pandemic began? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.
The post This Week in Security News: Linkury Adware Caught Distributing Full-Blown Malware and Cross-Platform Modular Glupteba Malware Uses ManageX appeared first on .
Introduction In this article, we will solve a Capture the Flag (CTF) challenge that was posted on the VulnHub website by AndrΓ© Henrique. Per the description given by the author, you must βHelp Morpheus to leave the Matrix and return to Zion.β To do so, we have to find and read two flags (user and [β¦]
The post ZION: 1.2 β VulnHub CTF walkthrough (part 1) appeared first on Infosec Resources.
Introduction It has been said that a picture is worth a thousand words. In the world of malware, a picture is worth an infection β in other words, a picture can actually be the malware (ransomware, specifically in this case) that initially infects the compromised machine. This malware is called Tycoon and it uses an [β¦]
The post Tycoon malware: What it is, how it works and how to prevent it | Malware spotlight appeared first on Infosec Resources.
Introduction to dark web phishing kits The internet is like an iceberg: there is a lot more to it than can be seen from the surface. In addition to the surface web (what can be accessed and indexed by search engines), there is the deep web (gated content on internet-connected computers) and the darknet or [β¦]
The post Cybercrime at scale: Dissecting a dark web phishing kit appeared first on Infosec Resources.
Introduction The CCNP, or Cisco Certified Network Professional, is a certification endorsing IT professionals who have the knowhow and skill to set up, configure and manage local and wide-area networks within an enterprise. CCNP certification takes you through video, voice, wireless and advanced security issues. Since the training module and examinations for the CCNP certification [β¦]
The post Average CCNP salary 2020 appeared first on Infosec Resources.
What percentage of the exam focuses on network fundamentals? The network fundamentals section is 20% of the CCNA 200-301βs topics. Itβs neither the largest nor the smallest. The fact that the percentage increased from 15% in the previous version indicates that Cisco has emphasized the importance of having a strong base in this topic, on [β¦]
The post CCNA certification prep: Network fundamentals [updated 2020] appeared first on Infosec Resources.
This week, we welcome Liam Downward, CEO at CYRISMA, to talk about Data Centric Security! In our second segment, Jeff, Josh, Scott, John, and Liam discuss Vulnerability Management & the Art of Prioritization of Risk!
Β
Show Notes: https://wiki.securityweekly.com/scw45
Visit https://securityweekly.com/cyrisma to learn more about them!
Β
Visit https://www.securityweekly.com/scw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Introduction In order to keep your AWS environment secure while allowing your users to properly utilize resources, you must ensure that users are correctly created with proper permissions. Also, you must monitor your environment to ensure that unauthorized access does not occur and accounts are up to date. User Account Creation and Management AWS IAM [β¦]
The post AWS User Management appeared first on Infosec Resources.
Introduction Browsers have become an inherent part of our virtual life and we all make use of browsers for surfing the internet in some or the other way. Also, browsers can be used not only for surfing, we can make use of browsers for navigating through the file system of the OS. You might have [β¦]
The post Browser Forensics: Google Chrome appeared first on Infosec Resources.
Introduction Browsers have become an inherent part of our virtual life and we all make use of browsers for surfing the internet in some or the other way. Also, browsers can be used not only for surfing, we can make use of browsers for navigating through the file system of the OS. You might have [β¦]
The post Browser Forensics: Firefox appeared first on Infosec Resources.
Introduction The CCNA (Cisco Certified Network Associate) is one of the most well-known entry-level certifications within the IT industry. Holding this credential proves your ability to install, configure, manage and support small- to medium-sized networks.Β A study by CompTIA found that 47% of SMBs see the IT skills gap growing. This IT skills gap is [β¦]
The post Average CCNA salary 2020 appeared first on Infosec Resources.
Introduction Browsers have become an inherent part of our virtual life and we all make use of browsers for surfing the internet in some or the other way. Also, browsers can be used not only for surfing, we can make use of browsers for navigating through the file system of the OS. You might have [β¦]
The post Browser Forensics: IE 11 appeared first on Infosec Resources.
Introduction To understand Network Security, itβs imperative that we understand networking fundamentals and networking basics. In this post, we will be learning about networking basics and fundamentals to get started with Network Security.Β We cannot cover whole networking in a single post so we will be focusing only on core networking concepts needed for network [β¦]
The post Networking fundamentals (for Network security professionals) appeared first on Infosec Resources.
Introduction Wireless networks have become an inherent part of our life and we all use wireless networks in some form in our day to day life. Of all the utilities provided by wireless networks, we use wireless networks widely for connecting to the internet. We connect to the internet wirelessly either by router or using [β¦]
The post Wireless Networks and Security appeared first on Infosec Resources.
Introduction This article provides an overview of how printing functions work and how format strings are used to format the data being printed. Developers often use print functions for a variety of reasons such as displaying data to the users and printing debug messages. While these print functions appear to be innocent, they can cause [β¦]
The post Introduction to Printing and Format Strings appeared first on Infosec Resources.
Introduction In the previous article, we understood how print functions like printf work. This article provides further definition of Format String vulnerabilities. We will begin by discussing how Format Strings can be used in an unusual way, which is a starting point to understanding Format String exploits. Next, we will understand what kind of mistakes [β¦]
The post Format String Vulnerabilities: Use and Definitions appeared first on Infosec Resources.
Introduction In the previous articles, we discussed printing functions, format strings and format string vulnerabilities. This article provides an overview of how Format String vulnerabilities can be exploited. In this article, we will begin by solving a simple challenge to leak a secret from memory. In the next article, we will discuss another example, where [β¦]
The post How to exploit Format String Vulnerabilities appeared first on Infosec Resources.
Copy-paste compromises: Introduction and overview Although the concept of copy-paste compromises is not exactly new, there are now several different forms of the attack. In the version of copy-paste compromise that weβll discuss today, malicious actors use open-source or publicly available exploit code, web shells and other tools to gain information. Recently, Australia has revealed [β¦]
The post Copy-paste compromises appeared first on Infosec Resources.
Introduction to Lockphish Phishing attacks are a common tactic for gaining initial access to a system. If an attacker can convince their target to hand over their login credentials or install and execute malware on their machine, this provides an attacker with a foothold that can be used to expand their access and achieve their [β¦]
The post Lockphish phishing attack: Capturing Android PINs & iPhone passcodes over https appeared first on Infosec Resources.
Fuzzing is a black-box software testing technique and consists of finding implementation flaws and bugs by using malformed/semi-malformed payloads via automation. Fuzzing an application is not a matter of simply exploiting a specific point of an application, but also acquiring knowledge and potential crashes that could be explored in-depth through the implementation of crafted payloads [β¦]
The post Fuzzing introduction: Definition, types and tools for cybersecurity pros appeared first on Infosec Resources.
Weβve all been spending more of our time online since the crisis hit. Whether itβs ordering food for delivery, livestreaming concerts, holding virtual parties, or engaging in a little retail therapy, the digital interactions of many Americans are on the rise. This means weβre also sharing more of our personal and financial information online, with each other and the organizations we interact with. Unfortunately, as ever, there are bad guys around every digital corner looking for a piece of the action.
The bottom line is that personally identifiable information (PII) is the currency of internet crime. And cyber-criminals will do whatever they can to get their hands on it. When they commit identity theft with this data, it can be a messy business, potentially taking months for banks and businesses to investigate before you get your money and credit rating back. At a time of extreme financial hardship, this is the last thing anyone needs.
It therefore pays to be careful about how you use your data and how you protect it. Even more: itβs time to get proactive and monitor itβto try and spot early on if it has been stolen. Hereβs what you need to know to protect your identity data.
How identity theft works
First, some data on the scope of the problem. In the second quarter of 2020 alone 349,641 identity theft reports were filed with the FTC. To put that in perspective, itβs over half of the number for the whole of 2019 (650,572), when consumers reported losing more than $1.9 billion to fraud. Whatβs driving this huge industry? A cybercrime economy estimated to be worth as much as $1.5 trillion annually.
Specialized online marketplaces and private forums provide a user-friendly way for cyber-criminals and fraudsters to easily buy and sell stolen identity data. Many are on the so-called dark web, which is hidden from search engines and requires a specialized anonymizing browser like Tor to access. However, plenty of this criminal activity also happens in plain sight, on social media sites and messaging platforms. This underground industry is an unstoppable force: as avenues are closed down by law enforcement or criminal in-fighting, other ones appear.
At-risk personal data could be anything from email and account log-ins to medical info, SSNs, card and bank details, insurance details and much more. It all has a value on the cybercrime underground and the price fraudsters are prepared to pay will depend on supply and demand, just like in the βrealβ world.
There are various ways for attackers to get your data. The main ones are:
|
|
Β
The COVID-19 challenge
As if this werenβt enough, consumers are especially exposed to risk during the current pandemic. Hackers are using the COVID-19 threat as a lure to infect your PC or steal identity data via the phishing tactics described above. They often impersonate trustworthy institutions/officials and emails may claim to include new information on outbreaks, or vaccines. Clicking through or divulging your personal info will land you in trouble. Other fraud attempts will try to sell counterfeit or non-existent medical or other products to help combat infection, harvesting your card details in the process. In March, Interpol seized 34,000 counterfeit COVID goods like surgical masks and $14m worth of potentially dangerous pharmaceuticals.
Phone-based attacks are also on the rise, especially those impersonating government officials. The aim here is to steal your identity data and apply for government emergency stimulus funds in your name. Of the 349,641 identity theft reports filed with the FTC in Q2 2020, 77,684 were specific to government documents or benefits fraud.
What do cybercriminals do with my identity data?
Once your PII is stolen, itβs typically sold on the dark web to those who use it for malicious purposes. It could be used to:
|
|
How do I protect my identity online?
The good news among all this bad is that if you remain skeptical about what you see online, are cautious about what you share, and follow some other simple rules, youβll stand a greater chance of keeping your PII under lock and key. Best practices include:
|
|
How Trend Micro can help
Trend Micro offers solutions that can help to protect your digital identity.
Trend Micro ID Security is the best way to get proactive about data protection. It works 24/7 to monitor dark web sites for your PII and will sound the alarm immediately if it finds any sign your accounts or personal data have been stolen. It features
|
|
Trend Micro Password Manager enables you to manage all your website and app log-ins from one secure location. Because Password Manager remembers and recalls your credentials on-demand, you can create long, strong and unique passwords for each account. As youβre not sharing easy-to-remember passwords across multiple accounts, youβll be protected from popular credential stuffing and similar attacks.
Finally, Trend Micro WiFi Protection will protect you if youβre out and about connecting to WiFi hotspots. It automatically detects when a WiFi connection isnβt secure and enables a VPNβmaking your connection safer and helping keep your identity data private.
In short, itβs time to take an active part in protecting your personal identity dataβas if your digital life depended on it. In large part, it does.
Β
The post Identity Fraud: How to Protect Your Identity Data, Accounts and Money During the Coronavirus Crisis appeared first on .
Introduction: In the previous article of this series, we discussed how format string vulnerabilities can be exploited. This article provides a case study of how format string vulnerabilities can be used to exploit serious vulnerabilities such as Buffer Overflows. We will begin by understanding what stack canaries are and then we will exploit a Buffer [β¦]
The post Format String Vulnerabilities Exploitation Case Study appeared first on Infosec Resources.
This week, Dr. Doug discusses the Microsoft outage, Jokers wild, Alien Forking at Android, Ryuk, United Health, possessed coffee makers, and Jason Wood joins us for Expert Commentary to talk about REvil Ransomware!
Β
Show Notes: https://wiki.securityweekly.com/swn69
Visit https://www.securityweekly.com/swn for all the latest episodes!
Β
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
FreshRSS 