Saturday, December 5, 2020

Top 20 Predictions Of How AI Is Going To Improve Cybersecurity In 2021

What 20 Leading Cybersecurity Experts Are Predicting For 2021
SecurityWeek

Italy Says Two Arrested for Defense Data Theft

Two people have been arrested for stealing defense data from the Italian aerospace and electronics group Leonardo, the interior ministry said on Saturday. The company has a wide range of activities from naval electronics, network and protection systems, electronic warfare...

The US Used the Patriot Act to Justify Logging Website Users

Plus: Better Twitter two-factor, a Spotify hack, and more of the week’s top security news.
ZDNet

Ransomware hits helicopter maker Kopter

Data from Kopter's internal network has been published on the LockBit gang's blog, hosted on the dark web.
ZDNet

Ransomware gangs are now cold-calling victims if they restore from backups without paying

Tactic used since August by ransomware gangs like Sekhmet, Maze, Conti, and Ryuk.
SC Magazine

Kmart, a vulnerable target, among those hit in Egregor ransomware attack spree

The fast-moving Egregor ransomware added Kmart to its list of retail targets, one day before the same attack group hit the Vancouver metro. The fast-moving Egregor ransomware has already hit other recognizable companies, most notably Barnes and Noble. Egregor first...
Bruce Schneier

Friday Squid Blogging: Bigfin Squid Found in Australian Waters

A bigfin squid has been found — and filmed — in Australian waters for the first time. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my...

Microsoft Cloud Security Exec Talks New Tech, WFH, Gamification

Gunter Ollman explains the benefits of CPSM technology, how IT security teams have evolved, and how the pandemic has shaped security.

Making Sense of the Security Sensor Landscape

Chris Calvert of Respond Software (now part of FireEye) outlines the challenges that reduce the efficacy of network security sensors.

Kmart Hit by Egregor Ransomware

Egregor is also behind recent attacks on UbiSoft and Barnes & Noble.

High-Severity Chrome Bugs Allow Browser Hacks

Desktop versions of the browser received a total of eight fixes, half rated high-severity.

Rusty but intact: Nazi Enigma cipher machine found in Baltic Sea

The Enigma cipher machine found in the Baltic Sea is lying on a table in front of the archaeological office of Schleswig-Holstein. After its discovery, the machine was handed over to the office by research diver Huber....
ZDNet

Johnson & Johnson CISO: Healthcare orgs are seeing nation-state attacks every single minute of every single day

Johnson & Johnson is one of six COVID-19 research companies that have been recently targeted by North Korean state-sponsored hackers.
Bruce Schneier

The 2020 Workshop on Economics and Information Security (WEIS)

The workshop on Economics and Information Security is always an interesting conference. This year, it will be online. Here’s the program. Registration is free.

BECs and EACs: What's the Difference?

Email accounts are common targets for attack. Understanding how attack types differ is critical for successful defense.
Security Affairs

Recently disclosed CVE-2020-4006 VMware zero-day was reported by NSA

VMware addressed CVE-2020-4006 zero-day flaw in VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector. VMware has finally released security updates to fix the CVE-2020-4006 zero-day flaw in VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector. At...
SC Magazine

Google discovers exploit devised to steal iPhone data remotely, without user interaction

Apple last May patched a vulnerability in the Apple Wireless Direct Link (AWDL) protocol that can be remotely exploited to steal data from an iPhone and...

Novel Online Shopping Malware Hides in Social-Media Buttons

The skimmer steals credit-card data, using steganography to hide in plain sight in seemingly benign images.
SC Magazine

Potential national cybersecurity director inches towards reality

Incoming president Joe Biden will likely have a new post to fill: national cybersecurity director. The final draft of the National Defense Authorization Act, one of the few true must-pass annual bills, contains a provision calling for a Senate-confirmed position to orchestrate cyber strategy and coordinate incident response. The position would, in...
SecurityWeek

As Hospitals Cope With a COVID-19 Surge, Cyber Threats Loom

With COVID-19 Infections and Hospitalizations Climbing, Health Care Providers Are Dangerously Vulnerable to Cyberattacks. By late morning on Oct. 28, staff at the University of Vermont Medical Center noticed the hospital’s phone system wasn’t working.
Cisco

Cisco AnyConnect Secure Mobility Client Arbitrary Code Execution Vulnerability

A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client Software could allow an authenticated, local attacker to cause a targeted AnyConnect user to execute a malicious script. The vulnerability is due to a lack of authentication...

Apache Releases Security Advisory for Apache Tomcat

Original release date: December 4, 2020. The Apache Software Foundation has released a security advisory to address a vulnerability in Apache Tomcat. An attacker could exploit this vulnerability to cause a denial-of-service condition. The Cybersecurity and Infrastructure Security Agency (CISA) encourages...

Google Releases Security Updates for Chrome

Original release date: December 4, 2020. Google has released Chrome version 87.0.4280.88 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages...

VMware Releases Security Updates to Address CVE-2020-4006

Original release date: December 3, 2020. VMware has released security updates to address a vulnerability (CVE-2020-4006) in VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector. An attacker could exploit this vulnerability to take control of an affected system. The...
F5 Networks

Archive_Tar vulnerabilities CVE-2020-28948 and CVE-2020-28949

CVE-2020-28948: Archive_Tar through 1.4.10 allows an unserialization attack because ...