Attacker Apparently Didn't Have to Breach a Single System to Pwn Uber

Alleged teen hacker claims he found an admin password in a network share inside Uber that allowed complete access to ride-sharing giant's AWS, Windows, Google Cloud, VMware, and other environments.

Tackling Financial Fraud With Machine Learning

Financial services firms need to learn how — and when — to put machine learning to use.

Real Estate Phish Swallows 1,000s of Microsoft 365 Credentials

The attacks showcase broader security concerns as phishing grows in volume and sophistication, especially given that Windows Defender's Safe Links feature for identifying malicious links in emails completely failed in the campaign.

Keep Today's Encrypted Data From Becoming Tomorrow's Treasure

Building quantum resilience requires C-suite commitment, but it doesn't have to mean tearing out existing infrastructure.

DDoS Attack Against Eastern Europe Target Sets New Record

The target has been under relentless DDoS attack, which ultimately set a new packets-per-second record for Europe.

Hacker Pwns Uber Via Compromised VPN Account

A teen hacker reportedly social-engineered an Uber employee to hand over an MFA code to unlock the corporate VPN, before burrowing deep into Uber's cloud and code repositories.

Highlights of the 2022 Pwnie Awards

Since 2007, the Pwnies have celebrated the good, the bad, and the wacky in cybersecurity. Enjoy some of the best moments of this year's ceremony.

Business Application Compromise & the Evolving Art of Social Engineering

Be wary of being pestered into making a bad decision. As digital applications proliferate, educating users against social engineering attempts is a key part of a strong defense.

Note to Security Vendors: Companies Are Picking Favorites

A stunning three-quarters of companies are looking to consolidate their security products this year, up from 29% in 2020, suggesting fiercer competition among cybersecurity vendors.

Malware on Pirated Content Sites a Major WFH Risk for Enterprises

Malware-laced ads are hauling in tens of millions of dollars in revenue for operators of pirated-content sites — posing a real risk to enterprises from remote employees.

Will the Cloud End the Endpoint?

When an organization fully embraces the cloud, traditional endpoints become disposable. Organizations must adapt their security strategy for this reality.

Popular IoT Cameras Need Patching to Fend Off Catastrophic Attacks

Several models of EZVIZ cameras are open to total remote control by cyberattackers, and image exfiltration and decryption.

5 Steps to Strengthening Cyber Resilience

Organizations are thinking about their cyber resilience. Here are five steps security teams should take.

Unflagging Iranian Threat Activity Spurs Warnings, Indictments From US Government

Authorities are cracking down on persistent cybercriminal attacks from APTs associated with Iran's Islamic Revolutionary Guard Corps.

Telos Corporation to Help Enterprises Operationalize Cybersecurity Compliance and Regulatory Risks with IBM Security

Solution addresses compliance challenges in complex landscapes

5 Best Practices for Building Your Data Loss Prevention Strategy

The entire security team should share in the responsibility to secure sensitive data.

Fortanix Raises $90M in Series C Funding Led by Goldman Sachs Asset Management

Oversubscribed round validates company's data-first approach to solving cloud security and privacy issues for global businesses thwarting data breaches and ransomwar

Token-Mining Weakness in Microsoft Teams Makes for Perfect Phish

Access tokens for other Teams users can be recovered, allowing attackers to move from a single compromise to the ability to impersonate critical employees, but Microsoft isn't planning to patch.

White House Guidance Recommends SBOMs for Federal Agencies

New executive order stops short of mandating NIST's guidelines, but recommends SBOMs for federal agencies across government.

How to Use SSH Keys and 1Password to Sign Git Commits

This Tech Tip walks through the steps to set up signed commits with SSH keys stored in 1Password.

SparklingGoblin Updates Linux Version of SideWalk Backdoor in Ongoing Cyber Campaign

Researchers link the APT to an attack on a Hong Kong university, which compromised multiple key servers using advanced Linux malware.

To Ease the Cybersecurity Worker Shortage, Broaden the Candidate Pipeline

With enough passion, intelligence, and effort, anyone can be a successful cybersecurity professional, regardless of education or background.

Cyberattacks Are Now Increasingly Hands-On, Break Out More Quickly

Interactive intrusion campaigns jumped nearly 50%, while the breakout time between initial access and lateral movement shrank to less than 90 minutes, putting pressure on defenders to react quickly.

TeamTNT Hits Docker Containers via 150K Malicious Cloud Image Pulls

Honeypot activity exposed two credentials that the threat actor is using to host and distribute malicious container images, security vendor says.

Key Takeaways From the Twitter Whistleblower's Testimony

Twitter did not know what data it had or who had access to it, Peiter "Mudge" Zatko told Congressional lawmakers during a Senate panel hearing.

Bishop Fox Releases Cloud Enumeration Tool CloudFox

CloudFox is a command-line tool that helps penetration testers understand unknown cloud environments.

Microsoft Quashes Actively Exploited Zero-Day, Wormable Critical Bugs

In Microsoft's lightest Patch Tuesday update of the year so far, several security vulnerabilities stand out as must-patch, researchers warn.

U-Haul Customer Contract Search Tool Compromised

Password compromise led to unauthorized access to a customer contract search tool over a five-month window, according to the company.

ShadowPad Threat Actors Return With Fresh Government Strikes, Updated Tools

Cyber spies are using legitimate apps for DLL sideloading, deploying an updated range of malware, including the new "Logdatter" info-stealer.

Cyberattackers Abuse Facebook Ad Manager in Savvy Credential-Harvesting Campaign

Facebook lead-generation forms are being repurposed to collect passwords and credit card information from unsuspecting Facebook advertisers.

Name That Toon: Shiver Me Timbers!

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

Opus Security Emerges from Stealth with $10M in Funding for Cloud SecOps and Remediation Processes

Siemplify veterans introduce Cloud Security Orchestration and Remediation platform, backed by high-profile investors including YL Ventures, Tiger Global, and CEOs of CrowdStrike and CyberArk

Arcserve Independent Global Study Finds Businesses Still Losing Mission-Critical Company Data

.

Lorenz Ransomware Goes After SMBs via Mitel VoIP Phone Systems

The ransomware gang has been seen exploiting a Mitel RCE flaw discovered in VoIP devices in April (and patched in July) to perform double-extortion attacks.

Business Security Starts With Identity

How identity-centric security can support business objectives.

Gartner Survey Shows 75% of Organizations Are Pursuing Security Vendor Consolidation in 2022

.

Attackers Can Compromise Most Cloud Data in Just 3 Steps

An analysis of cloud services finds that known vulnerabilities typically open the door for attackers, while insecure cloud architectures allow them to gain access to the crown jewels.

How Machine Learning Can Boost Network Visibility for OT Teams

Opswat says its new tool uses neural networks to protect critical environments through AI-assisted asset discovery, network visibility, and risk management.

Google Releases Pixel Patches for Critical Bugs

Unpatched Pixel devices are at risk for escalation of privileges, Google warns.

Federal Privacy Bill That Would Preempt State Privacy Laws Faces Uncertain Future

The American Data Privacy and Protection Act would provide federal-level protections that don't exist in most states, but override existing, stronger state protections.

Cisco Data Breach Attributed to Lapsus$ Ransomware Group

Analysis shows attackers breached employee credentials with voice phishing and were preparing a ransomware attack against Cisco Systems.

Cybersecurity Awareness Campaigns: How Effective Are They in Changing Behavior?

Your chance to be a part of a ground-breaking study.

Google Completes Acquisition of Mandiant

The threat-intelligence and cyberdefense company company will join Google Cloud and retain its brand name.

Security Awareness Training Must Evolve to Align With Growing E-Commerce Security Threats

Users must continually be made aware of new threats, including attacks targeting shipping, the supply chain, email, and hybrid workers.

Zane Lackey: 'Technology Is the Easy Bit'

Security Pro File: The DevOps evangelist and angel investor shares his expertise with the next generation of startups. If you're lucky, maybe he'll even share his Lagavulin.

Monti, the New Conti: Ransomware Gang Uses Recycled Code

A new group, Monti, appears to have used leaked Conti code, TTPs, and infrastructure approaches to launch its own ransomware campaign.

Attackers Exploit Zero-Day WordPress Plug-in Vulnerability in BackupBuddy

The critical flaw in BackupBuddy is one of thousands of security issues reported in recent years in products that WordPress sites use to extend functionality.

US Sanctions Iran Over APT Cyberattack Activity

The Treasury Department links the MuddyWater APT and APT39 to Iran's intelligence apparatus, which is now blocked from doing business with US entities.

Microsoft, Cloud Providers Move to Ban Basic Authentication

Microsoft moves ahead with a plan to sunset basic authentication, and other providers are moving — or have moved — to requiring more secure authentication as well. Is your company ready?

LockBit, ALPHV & Other Ransomware Gang Leak Sites Hit by DDoS Attacks

A sweeping effort to prevent a raft of targeted cybercrime groups from posting ransomware victims' data publicly is hampering their operations, causing outages.

Why Ports Are at Risk of Cyberattacks

More docked ships bring a new challenge. The longer a ship is docked, the more vulnerable the port is to a cyberattack.

Darktrace Shares Plunge After Thoma Bravo Acquisition Falls Apart

No agreement could be reached on terms of a firm offer, the provider of AI-based cybersecurity products says.

A Pragmatic Response to the Quantum Threat

You certainly don't need to panic, but you do need to form a plan to prepare for the post-quantum reality.

5 Keys to Better Key Management

From analyzing your company's risk profile to knowing where keys are stored and who can access them, prioritize key clean-up and management. Make compliance an outcome and develop a risk management strategy.

Meta to Appeal $400M GDPR Fine for Mishandling Teen Data in Instagram

Instagram and Facebook parent company Meta was slapped with the fine for exposing the personal data of minors.

Vulnerability Exploits, Not Phishing, Are the Top Cyberattack Vector for Initial Compromise

A slew of Microsoft Exchange vulnerabilities (including ProxyLogon) fueled a surge in attacks targeting software flaws in 2021, but the trend has continued this year.

Former Conti Ransomware Members Join Initial Access Broker Group Targeting Ukraine

The initial access broker (IAB) for ransomware gangs known as UAC-0098 has targeted Ukrainian organizations in five separate phishing campaigns spanning April to August.

SaaS Alerts Secures $22M Investment from Insight Partners to Scale SaaS Security Monitoring and Response Platform

Investment to fuel growth and market presence as demand grows for SaaS' next-generation security tools for managed service providers.

Report Highlights Prevalence of Software Supply Chain Risks

Multiclient research report shows organizations are significantly increasing efforts to secure their supply chains in response to software supply chain attacks.

Pen Testing Evolves for the DevSecOps World

Penetration testing not only serves to triage and validate other defect discovery activities, it informs risk management activities, such as threat modeling and secure design.