Trending Now
LATEST
Demonstration Showcase Brings DevOps to Interop19
Attendees will learn how orchestration and automation can be a part of network operations and security, even at smaller companies.
What Home Buying Can Teach Us About Continuous Monitoring
Companies have been brainwashed to solely rely on hiring major auditing companies to help monitor and audit their vendors’ security. Assessments from these traditional auditors are typically an annual point-in-time affair. With technology advancing much more frequently, this outdated...
Hacking for Lazy People – Application Security Weekly #58
This week, we welcome Thomas Hatch, the creator of the Salt open source software project, and is the CTO of SaltStack, the company behind Salt! In the Application Security News, Breach at IT outsourcer Wipro, SCP serves the file...
WannaCryptor ‘accidental hero’ pleads guilty to malware charges
Marcus Hutchins, who is best known for his inadvertent role in blunting the WannaCryptor outbreak two years ago, may now face a stretch behind bars
The post WannaCryptor ‘accidental hero’ pleads guilty to malware charges appeared first on WeLiveSecurity
Hack Naked News #215 – April 23, 2019
This week, a weather channel that was knocked off air by a malicious attack, how bad bots make up 20 percent of web traffic, ransomware ravages municipalities nationwide, a flaw in Shopify API exposed revenue and traffic data of...
ISIS claims responsibility for Sri Lanka massacre. Spearphishing embassies in Europe. How the Blockchain Bandit probably did it. Mexican embassy doxed.
ISIS claims responsibility for the Sri Lankan bombings. The government maintains its declared state of emergency, and has arrested at least forty in the course of its investigation. Check Point describes a spearphishing campaign against embassies in Europe. It’s...
Dutch NCSC Releases Updated TLS Guidelines
Original release date: April 23, 2019The Dutch National Cyber Security Centre (NCSC) has published an update to their Transport Layer Security (TLS) protocol guidelines, which aim to improve TLS configuration security.The Cybersecurity and Infrastructure Security Agency (CISA) encourages users...
City of Stuart Still Recovering from Ryuk Ransomware Attack
Officials are investigating an April 13 ransomware attack that targeted Stuart's city servers and forced it offline.
Academics hide humans from surveillance cameras with 2D prints
Couple it with some snazzy eyeglasses and you can become invisible to modern AI-powered surveillance systems.
Flashpoint: Our site was not dishing malware
Flashpoint came out swinging today against an independent researcher who reported that the security company’s public-facing website was serving malware.
In what Flashpoint called an “after action report,” the company denied the website was itself infected with malware, but did...
Hackers Actively Exploiting Widely-Used Social Share Plugin for WordPress
Hackers have been found exploiting a pair of critical security vulnerabilities in one of the popular social media sharing plugins to take control over WordPress websites that are still running a vulnerable version of the plugin.
The vulnerable plugin in...
Washington state legislature passes data breach law, but punts on privacy law
The Washington state legislature went one-for-two this month in its attempt to pass major data breach and privacy regulations.
Yesterday, lawmakers unanimously passed HB 1071, which firms up and expands requirements for public breach notifications, but the state apparently...
App Exposes Wi-Fi Credentials for Thousands of Private Networks
A database used by WiFi Finder was left open and unprotected on the Internet.
Exploits for Adobe Vulnerabilities Spiked in 2018
With Flash Player on way out, attackers are renewing their focus on Acrobat Reader, RiskSense found.
When Every Attack Is a Zero Day
Stopping malware the first time is an ideal that has remained tantalizingly out of reach. But automation, artificial intelligence, and deep learning are poised to change that.
Podcast Episode 143: Tufin’s IPO with CEO Ruvi Kitov and Capsule8 on securing Linux at Scale
Tufin (TUFN) became the latest cyber security firm to have an initial public offering. In our first segment, we speak to its co-founder and CEO Reuven Kitov. Also: as more and more applications and workloads shift to the cloud,...
CARBANAK Week Part Two: Continuing the CARBANAK Source Code Analysis
In the previous
installment, we wrote about how string hashing was used in
CARBANAK to manage Windows API resolution throughout the entire
codebase. But the authors used this same string hashing algorithm for
...
WordPress Social Warfare plugin vulnerabilities abused in the wild
About 42,000 websites have not updated to the latest version of the Social Warfare WordPress plugin, leaving themselves open to a pair of vulnerabilities that are being exploited in the wild.
Palo Alto’s Unit 42 research team is reporting that...
Fujifilm FCR Capsula X/Carbon X
This medical advisory includes mitigations for uncontrolled resource consumption and improper access control vulnerabilities reported in Fujifilm’s FCR Capsula X and Carbon X Computed Radiography cassette readers.
Kaspersky Links ShadowHammer Supply-Chain Attack to ShadowPad Hackers
The sophisticated supply-chain attack called Operation ShadowHammer that targeted ASUS users can be linked to the "ShadowPad" threat actor and the CCleaner incident, Kaspersky Lab’s security researchers say.
read more
Rockwell Automation MicroLogix 1400 and CompactLogix 5370 Controllers
This advisory includes mitigations for an open redirect vulnerability reported in Rockwell Automation’s MicroLogix 1400 and CompactLogix 5370 controllers.
Drive-By Malware Uses Google Sites for Drive by Download Attacks
New malware, LoadPCBanker, is leveraging Google's Sites to spread via drive-by download attacks, according to a new report. Companies are advised to block uploads and downloads from the service.
The post Drive-By Malware Uses Google Sites for Drive by...
Banking Trojan Drive-by Download Leverages Trust in Google Sites
Brazilian hackers have developed a drive-by download attack leveraging the inherent trust in the Google name. A banking trojan known as LoadPCBanker is deployed using the file cabinets template in Google sites as a delivery vehicle.
read more
Shifting to DevSecOps Is as Much About Culture as Technology and Methodology
This move to container-based development and agile methodologies has been great for innovation and iteration, but it’s also brought a massive shift in the application landscape with real impact on security teams.
read more
Malicious lifestyle apps found on Google Play, 30 million installs recorded
The adware-laden apps attempt to lure victims into installing additional software.
LEADERS
G7 Comes Out in Favor of Encryption Backdoors
From a G7 meeting of interior ministers in Paris this month, an "outcome document":
Encourage Internet companies to establish lawful access solutions for their products and services, including data that is encrypted, for law enforcement and competent authorities to access...
Who’s Behind the RevCode WebMonitor RAT?
The owner of a Swedish company behind a popular remote administration tool (RAT) implicated in thousands of malware attacks shares the same name as a Swedish man who pleaded guilty in 2015 to co-creating the Blackshades RAT, a similar product...
Excellent Analysis of the Boeing 737 MAX Software Problems
This is the best analysis of the software causes of the Boeing 737 MAX disasters that I have read.
Technically this is safety and not security; there was no attacker. But the fields are closely related and there are a...
Marcus “MalwareTech” Hutchins Pleads Guilty to Writing, Selling Banking Malware
Marcus Hutchins, a 24-year-old blogger and malware researcher arrested in 2017 for allegedly authoring and selling malware designed to steal online banking credentials, has pleaded guilty to criminal charges of conspiracy and to making, selling or advertising illegal wiretapping...
Friday Squid Blogging: New Squid Species off the New Zealand Coast
There's a new diversity of species.
As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.
Read my blog posting guidelines here.
