Home

Dark Reading

25 May 2022

• Is Your Data Security Living on the Edge?
  Gartner's security service edge fundamentally changes how companies should be delivering data protection in a cloud and mobile first world.
• Interpol's Massive 'Operation Delilah' Nabs BEC Bigwig
  A sprawling, multiyear operation nabs a suspected SilverTerrier BEC group ringleader, exposing a massive attack infrastructure and sapping the group of a bit of its strength.
• JFrog Launches Project Pyrsia to Help Prevent Software Supply Chain Attacks
  Open source software community initiative utilizes blockchain technology.
• Mastercard Launches Cybersecurity “Experience Centre”
  Experience Centre features emerging Mastercard products and solutions for securing digital payments on a global scale, including those developed locally in Vancouver.
• Qualys to Unveil VMDR 2.0 at Qualys Security Conference in San Francisco
  Company will detail enhancements to Vulnerability Management, Detection and Response solution next month.
• Corelight Announces New SaaS Platform for Threat Hunting
  Corelight Investigator aids threat hunting and investigation through intelligent alert aggregation, built-in queries and scalable search
• Cybersecurity-Focused SYN Ventures Closes $300 Million Fund II
  Cylance co-founder Ryan Permeh has joined full time as an operating partner.
• Vishing Attacks Reach All Time High, According to Latest Agari and PhishLabs Report
  According to the findings, vishing attacks have overtaken business email compromise as the second most reported response-based email threat since Q3 2021.
• Zero-Click Zoom Bug Allows Code Execution Just by Sending a Message
  Google has disclosed a nasty set of six bugs affecting Zoom chat that can be chained together for MitM and RCE attacks, no user interaction required.
• Meet the 10 Finalists in the RSA Conference Innovation Sandbox
  This year's finalists tackle such vital security concerns as permissions management, software supply chain vulnerability, and data governance. Winners will be announced June 6.

Threatpost

• Link Found Connecting Chaos, Onyx and Yashma Ransomware
  A slip-up by a malware author has allowed researchers to taxonomize three ransomware variations going by different names.
• Zoom Patches ‘Zero-Click’ RCE Bug
  The Google Project Zero researcher found a bug in XML parsing on the Zoom client and server.
• Verizon Report: Ransomware, Human Error Among Top Security Risks
  2022’s DBIR also highlighted the far-reaching impact of supply-chain breaches and how organizations and their employees are the reasons why incidents occur.
• Fronton IOT Botnet Packs Disinformation Punch
  Fronton botnet has far more ability than launching DDOS attack, can track social media trends and launch suitable propaganda.
• Zero Trust for Data Helps Enterprises Detect, Respond and Recover from Breaches
  Mohit Tiwari, CEO of Symmetry Systems, explores Zero Trust, data objects and the NIST framework for cloud and on-prem environments.
• Snake Keylogger Spreads Through Malicious PDFs
  Microsoft Word also leveraged in the email campaign, which uses a 22-year-old Office RCE bug.
• Closing the Gap Between Application Security and Observability
  Daniel Kaar, global director application security engineering at Dynatrace, highlights the newfound respect for AppSec-enabled observability in the wake of Log4Shell. 
• 380K Kubernetes API Servers Exposed to Public Internet
  More than 380,000 of the 450,000-plus servers hosting the open-source container-orchestration engine for managing cloud deployments allow some form of access.
• Critical Vulnerability in Premium WordPress Themes Allows for Site Takeover
  Privilege escalation flaw discovered in the Jupiter and JupiterX Core Plugin affects more than 90,000 sites.
• DOJ Says Doctor is Malware Mastermind
  The U.S. Department of Justice indicts middle-aged doctor, accusing him of being a malware mastermind.

The Hacker News

25 May 2022

• Interpol Arrest Leader of SilverTerrier Cybercrime Gang Behind BEC Attacks
  25 May 2022
  A year-long international investigation has resulted in the arrest of the suspected head of the SilverTerrier cybercrime group by the Nigeria Police Force. "The suspect is alleged to have run a transnational cybercrime syndicate that launched mass phishing campaigns and business email compromise schemes targeting companies and individual victims," Interpol said in a statement. <!--adsense-->
• Lumos System Can Find Hidden Cameras and IoT Devices in Your Airbnb or Hotel Room
  25 May 2022
  A group of academics has devised a system that can be used on a phone or a laptop to identify and locate Wi-Fi-connected hidden IoT devices in unfamiliar physical spaces. With hidden cameras being increasingly used to snoop on individuals in hotel rooms and Airbnbs, the goal is to be able to pinpoint such rogue devices without much of a hassle. The system, dubbed Lumos, is designed with this
• How Secrets Lurking in Source Code Lead to Major Breaches
  25 May 2022
  If one word could sum up the 2021 infosecurity year (well, actually three), it would be these: "supply chain attack".  A software supply chain attack happens when hackers manipulate the code in third-party software components to compromise the 'downstream' applications that use them. In 2021, we have seen a dramatic rise in such attacks: high profile security incidents like the SolarWinds,
• Learn How Hackers Can Hijack Your Online Accounts Even Before You Create Them
  25 May 2022
  Malicious actors can gain unauthorized access to users' online accounts via a new technique called "account pre-hijacking," new research has found. The attack takes aim at the account creation process that's ubiquitous in websites and other online platforms, enabling an adversary to perform a set of actions before an unsuspecting victim creates an account in a target service. The study was led
• Researchers Find New Malware Attacks Targeting Russian Government Entities
  24 May 2022
  An unknown advanced persistent threat (APT) group has been linked to a series of spear-phishing attacks targeting Russian government entities since the onset of the Russo-Ukrainian war in late February 2022. "The campaigns [...] are designed to implant a Remote Access Trojan (RAT) that can be used to surveil the computers it infects, and run commands on them remotely," Malwarebytes said in a

Naked Security

• Poisoned Python and PHP packages purloin passwords for AWS access
  More supply chain trouble - this time with clear examples so you can learn how to spot this stuff yourself.
• Clearview AI face-matching service fined a lot less than expected
  The fine has finally gone through... but it's less than 45% of what was originally proposed.
• Mozilla patches Wednesday’s Pwn2Own double-exploit… on Friday!
  That was quick! 48 hours from exploit report to published patch.
• Microsoft patches the Patch Tuesday patch that broke authentication
  Remember the good old days when security patches rarely needed patches? Because security patches themlelves were rare enough anyway?
• US Government says: Patch VMware right now, or get off our network
  Find and patch. Right now. If you can't patch, get it off the network. Right now! Oh, and show us what you did to comply.
• S3 Ep83: Cracking passwords, patching Firefox, and Apple vulns [Podcast]
  Latest episode - listen now!
• Pwn2Own hacking schedule released – Windows and Linux are top targets
  What's better? Disclose early, patch fast? Or dig deep, disclose in full, patch more slowly?
• Apple patches zero-day kernel hole and much more – update now!
  You'll find fixes for numerous kernel-level code execution holes, including an 0-day vulnerability in many (though not all) versions.
• Firefox out-of-band update to 100.0.1 – just in time for Pwn2Own?
  A new point-release of Firefox. Not unusual, but the timing of this one is interesting, with Pwn2Own coming up in a few days.
• He sold cracked passwords for a living – now he’s serving 4 years in prison
  Crooks don't need a password for every user on your network to break in and wreak havoc. One could be enough...