Information Security Wire

Woodstock Wire: Information Security Wire

Microsoft, SolarWinds Face New Criticism Over Russian Breach of US Networks

Slashdot - After Russia's massive breach of both government and private networks in the U.S., American intelligence officials "have expressed anger that Microsoft did not detect the attack earlier
Sun, 03 Jan 2021 20:49:36 - #solarwinds #cybersecurity #microsoft #security

Cortex XDR: Fortify the SOC Against SolarStorm, Variants and Imitators

Enterprise - Palo Alto Networks Blog - On Dec. 13, the world learned of the now-infamous SolarWinds supply-chain attack. The "SolarStorm" threat group infected countless SolarWinds Orion servers with a Trojanized DLL file and eluded detection for months.
While...
Sun, 03 Jan 2021 20:49:35 - #paloaltonetworks #solarwinds #cybersecurity #cloud #azure #machinelearning #threatprotection #domains #security

SolarWinds hack may be much worse than originally feared

Tech - The Verge - The Russia-linked SolarWinds hack which targeted US government agencies and private corporations may be even worse than officials first realized, with some 250 federal agencies and business...
Sun, 03 Jan 2021 20:49:24 - #solarwinds #supplychain #security

Here's why it's so dangerous that SolarWinds hackers accessed Microsoft's source code

Tech - BGR - Microsoft revealed that the SolarWinds hackers were able to breach its security and access sensitive source code, although they could not make any changes to it.
The company said that the hackers did not access production services or customer data,...
Sun, 03 Jan 2021 20:49:20 - #coronavirus #solarwinds #microsoft #security

DNS, DoH, and ODoH, Oh My: Year-in-Review 2020

Infosec - EFF Deeplinks - Government knowledge of what sites activists have visited can put them at risk of serious injury, arrest, or even death. This makes it a vitally important priority to secure DNS. DNS over HTTPS (DoH) is a protocol that encrypts the Domain...
Sun, 03 Jan 2021 20:49:16 - #domains #security

Facebook ads used to steal 615000+ credentials in a phishing campaign

Infosec - Security Affairs - Cybercriminals are abusing Facebook ads in a large-scale phishing scam aimed at stealing victims' login credentials.

Researchers from security firm ThreatNix spotted a new large-scale campaign abusing Facebook ads. Threat actors...
Sun, 03 Jan 2021 20:49:14 - #cybersecurity #phishing #godaddy #security

New SolarWinds CEO Sudhakar Ramakrishna: Five First Priorities

Enterprise - ChannelE2E - Five steps new SolarWinds CEO Sudhakar Ramakrishna should take amid Orion vulnerability clean-up & pending SolarWinds MSP (N-able) spin-out.
Fri, 01 Jan 2021 22:13:16 - #solarwinds #security

How The COVID-19 Pandemic Empowered Cybercriminals, Hackers & Cyberattacks

Enterprise - ChannelE2E - Barracuda research shows how cybercriminals are using spear phishing, business email compromise and COVID-19 pandemic-related scams.
Fri, 01 Jan 2021 22:13:15 - #coronavirus #cybersecurity #phishing #security

Microsoft says Russians hacked its network, viewing source code

Infosec - Office of Inadequate Security - Ellen Nakashima reports: Russian government hackers engaged in a sweeping series of breaches of government and private-sector networks have been able to penetrate deeper into Microsoft's systems than previously known, gaining...
Fri, 01 Jan 2021 17:35:03 - #microsoft #security

Secret Backdoor Account Found in Several Zyxel Firewall, VPN Products

Infosec - The Hacker News - Zyxel has released a patch to address a critical vulnerability in its firmware concerning a hardcoded undocumented secret account that could be abused by an attacker to login with administrative privileges and compromise its networking...
Fri, 01 Jan 2021 17:35:02 - #firewall #security

How Cybersecurity Will Change in 2021

Infosec - Record by Recorded Future - We're going to be powering up machines that have been touched for a year. Organizations might want to think twice before putting out a big PR release that they're going back to the office on a certain date. Figuring out how...
Fri, 01 Jan 2021 17:35:01 - #phishing #cybersecurity #security

Would you take the bait? Take our phishing quiz to find out!

Infosec - WeLiveSecurity - Is the message real or fake? Take our Phishing Derby quiz to find out how much you know about phishing.
Fri, 01 Jan 2021 17:13:23 - #phishing #security

Inbox Attacks: The Miserable Year (2020) That Was

Infosec - Threatpost - Reflecting on 2020's record-breaking year of spam and inbox threats.
Fri, 01 Jan 2021 17:13:22 - #security

Zero Trust Security - An Effective Risk Mitigation Model

Enterprise - dinCloud - We are in the midst of the largest remote work scenario in the history of modern technologies. With nearly everyone working from home (WFH), the overall threat surface has swelled exponentially.
Thu, 31 Dec 2020 21:20:09 - #cybersecurity #coronavirus #dincloud #digitaltransformation #quantum #security

Microsoft says SolarWinds hackers accessed company source code

Infosec - CyberScoop - Microsoft said Thursday that the SolarWinds hackers were able to access company source code, although the technology giant described the incident as largely harmless in an update to an internal investigation.
Thu, 31 Dec 2020 21:13:17 - #fireeye #solarwinds #microsoft #cybersecurity #security

Microsoft Reveals That Russian Attackers Accessed Some of Its Source Code

Infosec - Dark Reading - Malicious SolarWinds Orion backdoor installed in Microsoft's network led to the attackers viewing some of its source code.
Thu, 31 Dec 2020 21:13:16 - #solarwinds #microsoft #security

Thoma Bravo Announces Completion of Strategic Growth Investment in Venafi

Business Wire - Thoma Bravo announced the completion of its strategic growth investment in Venafi, the inventor and leading provider of machine identity management
Thu, 31 Dec 2020 21:13:15 - #identity #security

Microsoft says SolarWinds hackers viewed source code, but its defenses thwarted further access

Tech - GeekWire - An illicit account associated with the widespread SolarWinds hack was used to view some of Microsoft's internal source code, the company disclosed Thursday morning.
Microsoft says its investigation found that the account was unable to modify...
Thu, 31 Dec 2020 20:33:32 - #solarwinds #cybersecurity #microsoft #security

New Golang-based Crypto worm infects Windows and Linux servers

Infosec - Security Affairs - Experts from Intezer discovered a new and self-spreading Golang-based malware that targets Windows and Linux servers.

Experts from Intezer discovered a Golang-based worm that targets Windows and Linux servers.
Thu, 31 Dec 2020 18:13:30 - #cybersecurity #jenkins #android #security

T-Mobile data breach: CPNI (Customer Proprietary Network Information) exposed

Infosec - Security Affairs - T-Mobile has disclosed a data breach that exposed customers' network information (CPNI), including phone numbers and calls records.

T-Mobile has disclosed a data breach exposing customers' account information. The T-Mobile security...
Thu, 31 Dec 2020 18:13:29 - #databreach #cybersecurity #t-mobile #security

CISA updates SolarWinds guidance, tells US govt agencies to update right away

Enterprise - ZDNet News - US federal agencies must update by the end of the year or take all SolarWinds Orion apps offline.
Thu, 31 Dec 2020 00:36:05 - #solarwinds #security

CISA demands US govt agencies to update SolarWinds Orion software

Infosec - Security Affairs - US Cybersecurity and Infrastructure Security Agency (CISA) urges US federal agencies to update the SolarWinds Orion software by the end of the year.

The US Cybersecurity and Infrastructure Security Agency (CISA) has updated its official...
Wed, 30 Dec 2020 23:33:52 - #solarwinds #cloud #azure #microsoft #supplychain #cybersecurity #security

RiskIQ's New JARM Feature Supercharges Incident Response

Infosec - RiskIQ - There will be many more breaches like the one of SolarWinds.
Moving into 2021 and beyond, the ability to view your organization from the outside-in, as attackers do, will be the best defense against these internet-scale attacks by advanced APTs....
Wed, 30 Dec 2020 23:33:50 - #fireeye #solarwinds #riskiq #security

SolarWinds hack spotlights a thorny legal problem: Who to blame for espionage?

Infosec - CyberScoop - Every massive breach comes with a trail of lawsuits and regulatory ramifications that can last for years. Home Depot, for instance, only last month settled with a group of state attorneys general over its 2014 breach.
Wed, 30 Dec 2020 23:33:49 - #solarwinds #fireeye #cybersecurity #microsoft #security

Security threats in 2021 and what you can do about them

Enterprise - IT World Canada - The past year has been an unpleasant rollercoaster ride that has forced businesses to adapt quickly to new, and in many cases, strict rules and limitations. Amid this global "readjustment," there have been many developments in cybersecurity...
Wed, 30 Dec 2020 18:31:17 - #cybersecurity #fortinet #security

DNSSEC Now Deployed in all Generic Top-Level Domains, Says ICANN

Domains - CircleID - The Internet Corporation for Assigned Names and Numbers organization (ICANN org) announced that all of the current 1,195 generic top-level domains (gTLDs) have deployed Domain Name System Security Extensions (DNSSEC).
Wed, 30 Dec 2020 18:13:31 - #cybersecurity #security

The most enticing cyberattacks of 2020

Infosec - Malwarebytes Unpacked - In 2020, we experienced a major shift. Much of the world pitched in to limit the spread of the coronavirus, with people changing their daily routines to include a mixture of working from home, standing in socially-distanced lines,...
Wed, 30 Dec 2020 18:13:24 - #coronavirus #cybersecurity #solarwinds #threatintelligence #microsoft #vmware #domains #security

Google Docs bug could have allowed hackers to hijack screenshots

Infosec - Security Affairs - Google has addressed a bug in its feedback tool incorporated across its services that could have allowed attackers to view users' private docs.

Google has addressed a flaw in its feedback tool that is part of multiple of its services...
Wed, 30 Dec 2020 18:13:23 - #security

Akamai's Technical Enablement and Education Team, Part of the Global Services and Support Organization, Wins 2020 Chief Learning Officer Magazine Gold Award

Infosec - The Akamai Blog - In October 2020, the Akamai Technical Enablement and Education (TE&E) Team -- responsible for creating product-training certifications for employees (Global Services and Support [GSS]), customers (Akamai University), and channel partners...
Wed, 30 Dec 2020 16:35:59 - #akamai #security

SolarWinds Attribution: Are We Getting Ahead of Ourselves?

Infosec - Recorded Future - The recent expansive intrusion campaign of over half a dozen government agencies and as-yet unknown other organizations...
Wed, 30 Dec 2020 16:35:58 - #fireeye #solarwinds #threatintelligence #microsoft #cisco #supplychain #security

DDoS Attacks Spiked, Became More Complex in 2020

Infosec - Dark Reading - Global pandemic and the easy availability of for-hire services and inexpensive tool sets gave adversaries more opportunities to attack.
Wed, 30 Dec 2020 16:35:57 - #ddos #security

Bill & Melinda Gates Foundation's Charity GetSchooled Breaches 900k Children's Details

Infosec - Office of Inadequate Security - WELP reports: The Financial Times was the first to break this story earlier today (29th December 2020). This breach occurred when GetSchooled (getschooled.com), a charity founded by the Bill & Melinda Gates Foundation in...
Wed, 30 Dec 2020 16:35:56 - #gatesfoundation #melindagates #security

How to block malicious JavaScript files in Windows environments

Infosec - CSO Online - There have been several recent reports of fake updaters that spoof Google Chrome, Mozilla Firefox, and Internet Explorer landing pages. When the user clicks on the upgrade option, a JavaScript file is downloaded and executes malware. You...
Wed, 30 Dec 2020 16:35:54 - #cybersecurity #security

SolarWinds hackers aimed at access to victims' cloud assets

Infosec - Security Affairs - Microsoft says that SolarWinds hackers aimed at compromising the victims' cloud infrastructure after deploying the Solorigate backdoor (aka Sunburst).

The Microsoft 365 Defender Team revealed that the goal of the threat actors behind...
Wed, 30 Dec 2020 16:35:53 - #solarwinds #cloud #azure #microsoft #supplychain #cybersecurity #security

Reducing the Risk of Third-Party SaaS Apps to Your Organization

Infosec - Dark Reading - Such apps may try to leak your data, or can contain malicious code. And even legitimate apps may be poorly written, creating security risks.
Wed, 30 Dec 2020 16:35:52 - #security

WISeKey's Identity Blockchain Technology Secures Commercial and Recreational Drones and Improves Safety

Globe Newswire - Technology - WISeKey's Identity Blockchain Technology Secures Commercial and Recreational Drones and Improves Safety
Tue, 29 Dec 2020 18:13:36 - #blockchain #drones #security

6 Questions Attackers Ask Before Choosing an Asset to Exploit

Infosec - Threatpost - David "moose" Wolpoff at Randori explains how hackers pick their targets, and how understanding "hacker logic" can help prioritize defenses.
Tue, 29 Dec 2020 18:13:35 - #security

Latest web hacking tools - Q4 2020

Infosec - The Daily Swig - We take a look back at some of the best offensive security tools that were launched over the past three months
Tue, 29 Dec 2020 18:13:34 - #security

Code42 Wins Pair of Cybersecurity Awards

Business Wire - Code42, the Insider Risk Management leader, won a pair of industry awards, which recognize companies and solutions for innovations in cybersecurity.
Tue, 29 Dec 2020 18:13:33 - #code42 #cybersecurity #security

Cerberus Sentinel Announces Acquisition of Alpine Security

Globe Newswire - Technology - U.S. cybersecurity services firm expands compliance and penetration testing teams
Tue, 29 Dec 2020 17:37:28 - #acquisition #cybersecurity #security

Kali Linux + Mr. Robot ARG Society

Infosec - Kali Linux - Many of you may have known about the show Mr Robot and its unique connection to Kali Linux. But there is a little bit more that we have not talked about due to NDAs. But it appears the mystery is over, the red tape has been removed, and we...
Tue, 29 Dec 2020 17:37:27 - #robotics #gitlab #kalilinux #security

Japanese Aerospace Firm Kawasaki Warns of Data Breach

Infosec - Threatpost - The Japanese aerospace manufacturer said that starting in June, overseas unauthorized access to its servers may have compromised customer data.
Tue, 29 Dec 2020 17:37:26 - #databreach #security

Akamai Prolexic and Equinix Cloud Exchange Unite, Bringing DDoS Defense Closer to the Customer Origin

Infosec - The Akamai Blog - In terms of cyberthreats and digital risk, 2020 has been all about DDoS attacks. We've seen threat actors launch record breaking 1.44 Tbps and 809 Mpps attacks, cybercriminals conduct the largest global DDoS extortion campaign, and a...
Tue, 29 Dec 2020 17:37:25 - #equinix #coronavirus #hybridcloud #cybersecurity #digitaltransformation #digitalcommerce #ddos #akamai #datacenter #security

Security Pros Reflect on 2020

Infosec - Dark Reading - Eight cybersecurity leaders go deep on their most valuable (and very human) takeaways from a year like no other we've known.
Tue, 29 Dec 2020 17:37:24 - #cybersecurity #security

A Google Docs Bug Could Have Allowed Hackers See Your Private Documents

Infosec - The Hacker News - Google has patched a bug in its feedback tool incorporated across its services that could be exploited by an attacker to potentially steal screenshots of sensitive Google Docs documents simply by embedding them in a malicious website.
The...
Tue, 29 Dec 2020 17:37:23 - #security

CISA releases a PowerShell-based tool to detect malicious activity in Azure, Microsoft 365

Infosec - Security Affairs - Cybersecurity and Infrastructure Security Agency (CISA) released a tool for detecting potentially malicious activities in Azure/Microsoft 365 environments.

The Cybersecurity and Infrastructure Security Agency (CISA)'s Cloud Forensics...
Tue, 29 Dec 2020 17:13:48 - #cloud #azure #microsoft #cybersecurity #security

What is malvertising? And how to protect against it

Infosec - CSO Online - Malvertising, a word that blends malware with advertising, refers to a technique cybercriminals use to target people covertly. Typically, they buy ad space on trustworthy websites, and although their ads appear legitimate,...
Tue, 29 Dec 2020 17:13:47 - #cybersecurity #security

Hacking Christmas Gifts: Remote Control Cars

Infosec - TripWire - The State of Security - If high-tech gadgets are on your holiday shopping list, it is worth taking a moment to think about the particular risks they may bring. Under the wrong circumstances, even an innocuous gift may introduce unexpected vulnerabilities....
Tue, 29 Dec 2020 17:13:46 - #tripwire #security

A Review of Ransomware in 2020

Infosec - TripWire - The State of Security - As if dealing with COVID-19 were not enough, 2020 turned out to be a banner year for another troublesome strain of virus: ransomware. Malicious actors grew more sophisticated, daring and brutal. They also hit a number...
Tue, 29 Dec 2020 17:13:45 - #coronavirus #cybersecurity #tripwire #security

Data security vs data privacy - they're not the same thing

Infosec - CSO Online - Data security and data privacy are both necessary to completely protect corporate data assets. But most companies spend most of their time on the former and much less on the latter.
Tue, 29 Dec 2020 17:13:44 - #cybersecurity #security