FreshRSS

🔒
❌ About FreshRSS
☷
△ 🔃
There are new available articles, click to refresh the page.
Before yesterdaySecurity

Microsoft locks door to default guest authentication in Windows Pro

Bringing OS version into sync with Enterprise and Education editions

Microsoft wants to bulk up the security in Windows Pro editions by ensuring the SMB insecure guest authentication fallbacks are no longer the default setting in the operating system.…

  • January 17th 2023 at 17:01
  • ↗

Microsoft Azure Services Flaws Could've Exposed Cloud Resources to Unauthorized Access

By Ravie Lakshmanan
Four different Microsoft Azure services have been found vulnerable to server-side request forgery (SSRF) attacks that could be exploited to gain unauthorized access to cloud resources. The security issues, which were discovered by Orca between October 8, 2022 and December 2, 2022 in Azure API Management, Azure Functions, Azure Machine Learning, and Azure Digital Twins, have since been addressed

Hackers Can Abuse Legitimate GitHub Codespaces Feature to Deliver Malware

By Ravie Lakshmanan
New research has found that it is possible for threat actors to abuse a legitimate feature in GitHub Codespaces to deliver malware to victim systems. GitHub Codespaces is a cloud-based configurable development environment that allows users to debug, maintain, and commit changes to a given codebase from a web browser or via an integration in Visual Studio Code. It also comes with a port

4 Places to Supercharge Your SOC with Automation

By The Hacker News
It's no secret that the job of SOC teams continues to become increasingly difficult. Increased volume and sophistication of attacks are plaguing under-resourced teams with false positives and analyst burnout. However, like many other industries, cybersecurity is now beginning to lean on and benefit from advancements in automation to not only maintain the status quo, but to attain better security

Zoho ManageEngine PoC Exploit to be Released Soon - Patch Before It's Too Late!

By Ravie Lakshmanan
Users of Zoho ManageEngine are being urged to patch their instances against a critical security vulnerability ahead of the release of a proof-of-concept (PoC) exploit code. The issue in question is CVE-2022-47966, an unauthenticated remote code execution vulnerability affecting several products due to the use of an outdated third-party dependency, Apache Santuario. "This vulnerability allows an
  • January 17th 2023 at 10:38
  • ↗

Top 10 Venmo scams: Don’t fall for these common tricks

By Phil Muncaster

Here's what to know about some of the most common ploys that scammers use on the payment app

The post Top 10 Venmo scams: Don’t fall for these common tricks appeared first on WeLiveSecurity

The Big Difference Between Online Protection Software and Antivirus

By McAfee

Authored by Dennis Pang 

Online protection software. Antivirus. The two words get used interchangeably often enough. But sure enough, they’re different. And yet directly related when you take a closer look. 

The term “antivirus” has been with us for decades now, dating back to the first software that was designed to prevent computers from getting malware—malicious code, like viruses, that would lock up computers, scramble data, or otherwise damage computers and the data on them. Prime examples of these early types of malware include 1999’s “Melissa” virus spreads by infected email attachments and the even more devastating “ILOVEYOU” virus that incurred billions in damages worldwide. 

There’s a good reason why people default to the word “antivirus” so easily. Viruses have been on our collective minds for some time. And computer purchases have often been accompanied by the question, “Do you have antivirus for your computer?” By and large, the notion of antivirus has become pretty much engrained. 

Yet look ahead to today and you can see how dramatically things have changed since those early days. We still need antivirus, that’s for sure. But it takes far more than that to live life safely online right now. And that’s where online protection software comes in. 

What is online protection software? 

Online protection software protects you. It includes antivirus, yet it further protects your identity and privacy in addition to your devices.  

The way we use our computers, tablets, and phones nowadays shows the reason why we need such broad protection. We conduct so much of our lives online. We bank, we shop, we plan our finance online. We also run portions of our homes with smart devices and smart speakers. Increasingly, we track our health and wellness with connected devices too—like workouts on our phone and biometrics with consumer-grade and even medical-grade devices.  

All of this creates data. Data about who we are, what we’re doing, when we’re doing it, how often, and where. That’s precious information. Private information. Personal information. And understandably, that needs to be protected.  

Put simply, today’s threats have evolved. While viruses and malware remain a problem, today’s bad actors are out for the bigger games. Like stealing personal and financial info for identity theft. Moreover, organizations large and small collect data from your devices and the things you do on them, personal data that many share and sell for profit. Some of this data collection gets quite exacting, compiled from a broad range of public sources that can include records like bankruptcies, real estate sales, and birth records—plus private sources that can further include your shopping habits, the people you chat with, and what your daily travels look like based on location information captured from your smartphone.  

If you find yourself surprised by this, you’re not alone. Tremendous volumes of data collection activity occur without people’s knowledge or consent. 

Now as to why anyone would want any of that kind of data about you, consider the multi-billion-dollar industry of online data brokers. They compile thousands of data points from millions of people and put these vats of data up for sale to anyone who’ll buy them. That could be advertisers, potential employers, private investigators, and background checkers. And it could be bad actors as well who could use your own data to spam, harass, impersonate, or otherwise harm you. 

Today’s online protection software protects you from today’s threats 

Once, so many of these intrusions on our privacy and identity were difficult to spot, let alone prevent. For example, your personal info gets caught up in a data breach and winds up posted for sale on the dark web. How are you to know that before it’s too late and thief racks up umpteen charges on your debit card? Also, with dozens and dozens of data brokers out there, how do you track down which ones have information posted about you and then request to have it taken down? And what if online identity theft happens to you and you’re faced with the time and dollar costs it involves to set things right? 

So just as online threats have evolved, so has online protection software. We go about so much of our day online, and online protection like our own McAfee+ helps you do it more privately and more safely. It’s quite comprehensive, and the various plans for McAfee+ include: 

  • Personal Data Cleanup reveals which high-risk data brokers and people search sites are collecting and selling your personal information and requests the removal of the information, confirms completion, and conducts ongoing scans as data is always being collected.     
  • Unlimited Secure VPN that automatically connects to public Wi-Fi to protect online privacy and safeguard personal data while online banking, shopping, or browsing.     
  • $1M Identity Theft and Stolen Funds Coverage to reimburse lost funds or expenses in restoring the customer’s identity, including losses to 401(k) accounts.    
  • Ransomware Coverage to reimburse up to $25,000 for losses and ransom fees.    
  • Licensed Restoration Experts who can take necessary actions to repair identity and credit issues, including assistance to assist with the identity fraud of a deceased family member.     
  • Credit Monitoring and Alerts keep an eye on changes to your credit score, report, and accounts with timely notifications and guidance so you can take action to tackle identity theft.  
  • Credit Score and Report to help you stay on top of daily changes to your credit score and report, from a single location.    
  • Credit Lock reduces the chance of becoming a victim of identity theft by allowing you to quickly lock and unlock your credit, which can help prevent unauthorized opening of accounts.     
  • Security Freeze prevents unauthorized access to existing accounts or new ones being set up in your name with a credit, bank, or utility freeze.    
  • Identity Monitoring for up to 60 unique pieces of personal information on the dark web with timely alerts up to 10 months sooner than competitive products.    

For certain, protections like these remain a primary focus of ours, because they protect you. And that’s who thieves and bad actors are really after—you, your information, your accounts, and even your identity. Expect us to continue to roll out more protections that look after you in this way and more. 

Antivirus, a part of your comprehensive online protection plan 

So, while antivirus and online protection software are different, they work together. Antivirus provides strong device security, which complements the additional privacy and identity features included with online protection. That reflects how times have changed. Once it was enough to protect our devices from viruses and malware. Now we have to protect ourselves as well. Antivirus alone won’t do it, but antivirus as part of online protection will. 

The post The Big Difference Between Online Protection Software and Antivirus appeared first on McAfee Blog.

Researchers Uncover 3 PyPI Packages Spreading Malware to Developer Systems

By Ravie Lakshmanan
A threat actor by the name Lolip0p has uploaded three rogue packages to the Python Package Index (PyPI) repository that are designed to drop malware on compromised developer systems. The packages – named colorslib (versions 4.6.11 and 4.6.12), httpslib (versions 4.6.9 and 4.6.11), and libhttps (version 4.6.12) – by the author between January 7, 2023, and January 12, 2023. They have since been
  • January 17th 2023 at 06:36
  • ↗

Crypto exchanges freeze accounts tied to North Korea’s notorious Lazarus Group

Well whaddya know, the crypto ecosystem did the right thing by stiffing the WannaCry bandits

Two cryptocurrency exchanges have frozen accounts identified as having been used by North Korea’s notorious Lazarus Group.…

  • January 17th 2023 at 06:29
  • ↗

Tencent fired 100 people for corruption during 2022

A couple have already been jailed, others shown the door for embezzling or arranging sham contracts

Chinese web and gaming giant Tencent has admitted it fired more than 100 people in 2022 for various forms of corruption – some so serious it reported them to local police.…

  • January 17th 2023 at 05:29
  • ↗

Multi-million investment scammers busted in four-country Europol raid

By Paul Ducklin
216 questioned, 15 arrested, 4 fake call centres searched, millions seized...

Raccoon and Vidar Stealers Spreading via Massive Network of Fake Cracked Software

By Ravie Lakshmanan
A "large and resilient infrastructure" comprising over 250 domains is being used to distribute information-stealing malware such as Raccoon and Vidar since early 2020. The infection chain "uses about a hundred of fake cracked software catalogue websites that redirect to several links before downloading the payload hosted on file share platforms, such as GitHub," cybersecurity firm SEKOIA said in
  • January 16th 2023 at 12:47
  • ↗

A Secure User Authentication Method – Planning is More Important than Ever

By The Hacker News
When considering authentication providers, many organizations consider the ease of configuration, ubiquity of usage, and technical stability. Organizations cannot always be judged on those metrics alone. There is an increasing need to evaluate company ownership, policies and the stability, or instability, that it brings. How Leadership Change Affects Stability In recent months, a salient example
  • January 16th 2023 at 12:22
  • ↗

All the Data Apple Collects About You—and How to Limit It

By Matt Burgess
Cupertino puts privacy first in a lot of its products. But the company still gathers a bunch of your information.

For password protection, dump LastPass for open source Bitwarden

After the security breach last summer, staying put is playing with fire

Opinion For better or worse, we still need passwords, and to protect and organize them, I recommend the open source Bitwarden password manager.…

  • January 16th 2023 at 11:30
  • ↗

CISA Warns of Flaws Affecting Industrial Control Systems from Major Manufacturers

By Ravie Lakshmanan
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released several Industrial Control Systems (ICS) advisories warning of critical security flaws affecting products from Sewio, InHand Networks, Sauter Controls, and Siemens. The most severe of the flaws relate to Sewio's RTLS Studio, which could be exploited by an attacker to "obtain unauthorized access to the server, alter
  • January 16th 2023 at 10:47
  • ↗

New Backdoor Created Using Leaked CIA's Hive Malware Discovered in the Wild

By Ravie Lakshmanan
Unidentified threat actors have deployed a new backdoor that borrows its features from the U.S. Central Intelligence Agency (CIA)'s Hive multi-platform malware suite, the source code of which was released by WikiLeaks in November 2017. "This is the first time we caught a variant of the CIA Hive attack kit in the wild, and we named it xdr33 based on its embedded Bot-side certificate CN=xdr33,"
  • January 16th 2023 at 10:09
  • ↗

China aims to grow local infosec industry by 30 percent a year, to $22 billion by 2025

Optimistically suggests international collaboration – including on standards – will help it get there

China's government has declared the nation's information security industry needs to grow – fast.…

  • January 16th 2023 at 01:59
  • ↗

NSA asks Congress to let it get on with that warrantless data harvesting, again

Also: That Pokemon is actually a RAT, Uncle Sam fails a password audit

In brief A US intelligence boss has asked Congress to reauthorize a controversial set of powers that give snoops warrantless authorization to surveil electronic communications in the name of fighting terrorism and so forth.…

  • January 14th 2023 at 20:57
  • ↗

Russian Ransomware Gang Attack Destabilizes UK Royal Mail

By Lily Hay Newman
Plus: Joe Biden’s classified-documents scandal, the end of security support for Windows 7, and more.

Malware Attack on CircleCI Engineer's Laptop Leads to Recent Security Incident

By Ravie Lakshmanan
DevOps platform CircleCI on Friday disclosed that unidentified threat actors compromised an employee's laptop and leveraged malware to steal their two-factor authentication-backed credentials to breach the company's systems and data last month. The CI/CD service CircleCI said the "sophisticated attack" took place on December 16, 2022, and that the malware went undetected by its antivirus

Cacti Servers Under Attack as Majority Fail to Patch Critical Vulnerability

By Ravie Lakshmanan
A majority of internet-exposed Cacti servers have not been patched against a recently patched critical security vulnerability that has come under active exploitation in the wild. That's according to attack surface management platform Censys, which found only 26 out of a total of 6,427 servers to be running a patched version of Cacti (1.2.23 and 1.3.0). The issue in question relates to CVE-2022-

Russians say they can grab software from Intel again

And Windows updates from Microsoft, too

People in Russia can reportedly once again download drivers and some other software from Intel and Microsoft, which both withdrew from the nation after its invasion of Ukraine.…

  • January 14th 2023 at 08:07
  • ↗

TikTok Fined $5.4 Million by French Regulator for Violating Cookie Laws

By Ravie Lakshmanan
Popular short-form video hosting service TikTok has been fined €5 million (about $5.4 million) by the French data protection watchdog for breaking cookie consent rules, making it the latest platform to face similar penalties after Amazon, Google, Meta, and Microsoft since 2020. "Users of 'tiktok[.]com' could not refuse cookies as easily as accepting them and they were not informed in a

Cisco Issues Warning for Unpatched Vulnerabilities in EoL Business Routers

By Ravie Lakshmanan
Cisco has warned of two security vulnerabilities affecting end-of-life (EoL) Small Business RV016, RV042, RV042G, and RV082 routers that it said will not be fixed, even as it acknowledged the public availability of proof-of-concept (PoC) exploit. The issues are rooted in the router's web-based management interface, enabling a remote adversary to sidestep authentication or execute malicious

Weekly Update 330

By Troy Hunt
Weekly Update 330

Big week! So big, in fact, that I rushed into this week's update less prepared and made it a very casual one, which is just fine 😊 It's mostly password books and kitchen equipment this week, both topics which had far more engagement than I expected but made them all the more interesting. Next week I'll get back into the pattern of switching between last thing Friday and first thing Friday so it'll be my morning again on the 20th, see you then!

Weekly Update 330
Weekly Update 330
Weekly Update 330
Weekly Update 330

References

  1. After all this week's action, I was a little bit less organised today (link through to a Facebook post, I put a lot more pics and vids there than on other platforms)
  2. I'm ok with password books (you can buy them down at our local post office)
  3. I'm so ok with password books, that I wrote an entire blog post on it a few years ago (well, on that and other aspects of why chasing the perfect security solution isn't the right approach)
  4. It's looking increasingly dire for 3rd party Twitter clients using their API (surely it would be communicated in advance if they were being killed?)
  5. My kitchen rebuild tweet thread had some awesome responses to it (the suggestions there will definitely help shape the final product)
  6. Sponsored by: CrowdSec - The open-source & collaborative security stack: respond to attacks & share signals across the community. Download it for free

Canadian owes bosses for 'time theft' after work-tracking app sinks tribunal bid

She hoped to score thousands but laptop app had other ideas

A woman in Canada failed in her claim for wrongful dismissal due to evidence from software designed to track her work time activity.…

  • January 13th 2023 at 18:43
  • ↗

Beware: Tainted VPNs Being Used to Spread EyeSpy Surveillanceware

By Ravie Lakshmanan
Tainted VPN installers are being used to deliver a piece of surveillanceware dubbed EyeSpy as part of a malware campaign that started in May 2022. It uses "components of SecondEye – a legitimate monitoring application – to spy on users of 20Speed VPN, an Iranian-based VPN service, via trojanized installers," Bitdefender said in an analysis. A majority of the infections are said to originate in

APT group trojanizes Telegram app – Week in security with Tony Anscombe

By Editor

StrongPity's backdoor is fitted with various spying features and can record phone calls, collect texts, and gather call logs and contact lists

The post APT group trojanizes Telegram app – Week in security with Tony Anscombe appeared first on WeLiveSecurity

  • January 13th 2023 at 13:30
  • ↗

Microsoft Defender ASR rules strip icons, app shortcuts from Taskbar, Start Menu

Happy Friday 13th sysadmins! Techies find workarounds but Redmond still 'investigating'

Techies are reporting that Microsoft Defender for Endpoint attack surface reduction (ASR) rules have gone haywire and are removing icons and applications shortcuts from the Taskbar and Start Menu.…

  • January 13th 2023 at 13:30
  • ↗

In the Fight Against Scams, ‘Cyber Ambassadors’ Enter the Chat

By Varsha Bansal
Police in the Indian state of Telangana have found a novel way to help people avoid getting swindled online: grassroots education.
❌