Wednesday, May 12, 2021

LATEST

Half of Government Security Incidents Caused by Missing Patches

Cybersecurity is both a driver and a major barrier to public sector IT modernization, according to new research from BAE Systems Applied Intelligence. The cyber consultancy polled 250 managers with IT responsibility...
The Register

Blessed are the cryptographers, labelling them criminal enablers is just foolish

Preserving privacy is hard. I know because when I tried, I quickly learned not to play with weapons Column Nearly a decade ago I decided to try my hand as a cryptographer. It went about as well as you...
The Hacker News

Ransomware Gang Leaks Metropolitan Police Data After Failed Negotiations

The cybercrime syndicate behind Babuk ransomware has leaked more personal files belonging to the Metropolitan Police Department (MPD) after negotiations with the DC Police broke down, warning that they intend to publish all data if ransom demands are not met. "The...
Security Affairs

NSA and ODNI analyze potential risks to 5G networks

U.S. Intelligence agencies warn of weaknesses in 5G networks that could be exploited by crooks and nation-state actors for intelligence gathering. The U.S. National Security Agency (NSA), along with the DHS Cybersecurity and Infrastructure Security Agency (CISA), and the Office...
The Hacker News

Alert: Hackers Exploit Adobe Reader 0-Day Vulnerability in the Wild

Adobe has released Patch Tuesday updates for the month of May with fixes for multiple vulnerabilities spanning 12 different products, including a zero-day flaw affecting Adobe Reader that's actively exploited in the wild. The list of updated applications includes Adobe Experience Manager,...
The Register

Beijing twirls ban-hammer at 84 more apps it says need to stop slurping excess data

Online lending apps and more given fifteen days to ‘rectify’ behaviour China’s Central Cyberspace Affairs Commission has named 84 apps it says breach local privacy laws and given their developers 15 days to “rectify” their code.…
SecurityWeek

SAP Patches High-Severity Flaws in Business One, NetWeaver Products

SAP has released a total of six new security notes on its May 2021 Security Patch Day, along with updates for five other security notes, including three rated Hot News.
The Register

South Korea orders urgent review of energy infrastructure cybersecurity

No prizes for guessing why, as Colonial Pipeline outage stretches patience and looks like lasting a week South Korea’s Ministry of Trade, Energy and Infrastructure has ordered a review of the cybersecurity preparedness of the nation’s energy infrastructure.…
SecurityWeek

Ransomware Gang Threatens Release of DC Police Records

A Russian-speaking ransomware syndicate that stole data from the Washington, D.C., police department says negotiations over payment have broken down, with it rejecting a $100,000 payment, and it will release sensitive information that could put lives at risk if...
IBM Security

Synthetic Identity Theft: When Everybody Knows Your Name

You probably have a place where everyone knows your name — and maybe your address and your birthday and your favorite drink. That place could be your favorite restaurant, your office or your grandma’s house. It doesn’t matter where...
The Register

Tech industry quietly patches FragAttacks Wi-Fi flaws that leak data, weaken security

Dozen design, implementation blunders date back 24 years A dozen Wi-Fi design and implementation flaws make it possible for miscreants to steal transmitted data and bypass firewalls to attack devices on home networks, according to security researcher Mathy Vanhoef.…
Security Now

SN 818: News From the Darkside – Exim Email Server, Tor's Exit Nodes, TsuNAME, Project Hail Mary

Picture of the week. TsuNAME - "DNS Configuration Flaw Lets Attackers Take Down DNS Servers" Huh Google? Tor's Exit Nodes. 21 Nails in Exim's coffin. Project Hail Mary: A Novel. Closing the loop. SpinRite update. News from the Darkside. We invite you to read our show notes at...
risky.biz

Risky Business #623 — Ransomware threatens US energy security

On this week’s show Patrick Gray, Adam Boileau and Chris Krebs...
SC Magazine

AWS configuration issues lead to exposure of 5 million records

Researchers reported on Tuesday that Amazon Web Services System Manager (SSM) misconfigurations led to the potential exposure of more than 5 million documents with personally identifiable information and credit card transactions on more than 3,000 SSM documents. In a...

A Startup With NSA Roots Wants Silently Disarming Cyberattacks on the Wire to Become the Norm

Trinity Cyber takes a new spin on some traditional network-security techniques, but can its approach catch on widely?
Security Affairs

Hackers target Windows users exploiting a Zero-Day in Reader

Adobe confirmed that a zero-day vulnerability affecting Adobe Reader for Windows has been exploited in the wild in limited attacks. Adobe security updates for May 2021 address at least 43 CVEs in Experience Manager, InDesign, Illustrator, InCopy, Adobe Genuine Service,...
FireEye

Shining a Light on DARKSIDE Ransomware Operations

Since initially surfacing in August 2020, the creators of DARKSIDE ransomware and their affiliates have launched a global crime spree affecting organizations in more than 15 countries and multiple industry verticals. Like many of their peers,...

BrandPost: Automated, Orchestrated, and Integrated: The Open Platform Approach

As organizations increasingly shift to cloud, the IT infrastructure becomes riddled with complexity. SecOps, NetOps, and ITOps teams have their hands full using multiple tools to manage data and applications across the distributed environment. For SecOps in particular, tying these...

BrandPost: Merging NetOps, ITOps, and SecOps for Enhanced Visibility

Visibility into network traffic, endpoints, cloud infrastructure, and more is crucial – especially considering the sophistication of cyber threats, the widely distributed workforce, and the escalation of cloud adoption. Yet, many organizations have developed silos over time. Networking, IT, and...

LEADERS

Brian Krebs

Microsoft Patch Tuesday, May 2021 Edition

Microsoft today released fixes to plug at least 55 security holes in its Windows operating systems and other software. Four of these weaknesses can be exploited by malware and malcontents to seize complete, remote control over vulnerable systems without...
Brian Krebs

A Closer Look at the DarkSide Ransomware Gang

The FBI confirmed this week that a relatively new ransomware group known as DarkSide is responsible for an attack that caused Colonial Pipeline to shut down 5,550 miles of pipe, stranding countless barrels of gasoline, diesel and jet fuel...
Bruce Schneier

AI Security Risk Assessment Tool

Microsoft researchers just released an open-source automation tool for security testing AI systems: “Counterfit.” Details on their blog.
Graham Cluley

The DarkSide ransomware gang must be shitting itself right now

So, what do you do if you're a ransomware gang which has just caught the attention of not just the world's media, but also the FBI and the President of the United States?