

#cybersecurity | #infosec | Sonos backtracks (a little) over its software updates fustercluck

Source: National Cyber Security – Produced By Gregory Evans

Sonos, the maker of wireless home sound systems, has got itself into some real hot water this week. On Tuesday, Sonos announced on its blog that from May 2020 it would no longer be pushing out software updates and new features to some of its legacy […]

#cybersecurity | hacker | PupyRAT found sniffing around EU energy concern

A command and control server used by the Iranian-associated group PupyRAT has been communicating with the mail server of a European energy sector organization for the last several months. Recorded Future’s Insikt Group reported PupyRAT, a remote access trojan, had […]

#cybersecurity | #hackerspace | WhiteHat Provides Free Vulnerability Discovery Services to Gov’t Agencies


As part of an effort to help chronically underfunded government agencies combat state-sponsored cyberattacks, WhiteHat Security, a unit of NTT, has decided to offer federal, state and municipal agencies in North America, free of charge, two services it provides for discovering vulnerabilities before and after application code is deployed.

Company CEO Craig Hinkley said the decision to make WhiteHat Sentinel Dynamic and Sentinel Source Essentials Edition available for free to government agencies is motivated by civic duty. A native of Australia, Hinkley moved to the U.S. 23 years ago and last year became a U.S. citizen. State-sponsored attacks against election systems are nothing less than an attack on democracy, he said.

According to data compiled by the Center for Strategic & International Studies, state-sponsored cyberattacks against applications and websites are of increasing concern; recent examples include the theft of login credentials from government agencies in 22 countries across Asia, Europe and North America and a hacking campaign that kicked more than 2,000 websites offline in Georgia.

At the same time, North Dakota officials this week disclosed cyberattacks aimed at the state government nearly tripled last year. Shawn Riley, North Dakota’s chief information officer and head of the Information Technology department, disclosed there were more than 15 million cyberattacks against the state’s government per month in 2019, a 300% increase year over year.

The Texas Department of Information Resources revealed it has seen as many as 10,000 attempted attacks per minute from Iran over a 48-hour period on state agency networks, while the U.S. Coast Guard (USCG) issued a security bulletin after revealing that one of its bases had been knocked offline last month by a Ryuk ransomware attack. Even small school districts are being impacted by cybersecurity: Richmond, Michigan, a small city near Detroit, recently announced that students would be enjoying a few extra days of holiday break this year while its school system recovered from a ransomware attack.

A recent report published by Emsisoft, a provider of endpoint security software, estimates attacks against roughly 966 government agencies, educational institutions and healthcare providers created costs in excess of $7.5 billion.

Clearly, a lot of focus on cybersecurity attacks is on state and local governments that are responsible for ensuring the integrity of elections. Just this week, a bipartisan bill was proposed calling for the director of the Cybersecurity and Infrastructure Security Agency to appoint a cybersecurity state coordinator in each U.S. state.

Hinkley said it’s apparent government agencies don’t have the resources required to thwart attacks being launched by states themselves or rogue organized groups acting to advance their interests. By making available cybersecurity vulnerability assessment services for free, WhiteHat Security is moving to help agencies identify vulnerabilities in websites and applications that could be easily exploited, he said.

Making that capability available as a service should make it easier for both application developers and cybersecurity teams to scan for vulnerabilities before and after an application is deployed. It may even help foster the adoption of best DevSecOps practices within government agencies, Hinkley noted.

State-sponsored cybersecurity attacks have become a global issue. Concerns about such attacks have risen sharply as tensions in the Middle East continue to rise. The challenge now is how best to thwart those attacks before they are launched by eliminating as many existing vulnerabilities as possible.


The post #cybersecurity | #hackerspace | WhiteHat Provides Free Vulnerability Discovery Services to Gov’t Agencies appeared first on National Cyber Security.


#cybersecurity | hacker | Samba issues patches for three vulnerabilities


Samba has released security updates patching three issues: CVE-2019-14902, CVE-2019-14907, and CVE-2019-19344.

The medium-rated CVE-2019-14902 fixes a problem where a newly delegated right, but more importantly the removal of a previously delegated right, would not be inherited on any domain controller other than the one where the change was made. This means if a user had been delegated the right to make alterations to a subtree, such as changing passwords, and that right was then rescinded, the right would not automatically be taken away on all domain controllers.

The patch fixes this issue, but Samba noted, “it is vital that a full-sync be done TO each Domain Controller to ensure each ACL (ntSecurityDescriptor) is re-calculated on the whole set of DCs.”

CVE-2019-14907, medium rated, can allow a crash after failed character conversion at log level three or higher, affecting Samba 4.0 and later. In the Samba Active Directory Domain Controller this may cause a long-lived process to terminate.

The final issue, CVE-2019-19344, covers a use-after-free issue during DNS zone scavenging in the Samba Active Directory Domain Controller in versions 4.9 and later. When Samba 4.9 was rolled out it contained an off-by-default feature to tombstone dynamically created DNS records that had reached their expiration point. There is a use-after-free issue in this code that, if the proper conditions exist, can save the memory that was read into the database.

Patches for all three issues have been posted.


#cybersecurity | #hackerspace | When CISOs Lose Their Jobs…

In his recent CSO Online article, 7 Security Incidents That Cost CISOs Their Jobs, writer Dan Swinhoe looks at some of the most high profile breaches in recent history that resulted in the CISO either leaving or being fired. In the article, Swinhoe quotes Dr. Steve […]

#cybersecurity | hacker | American Express, PayPal customers now targeted by 16Shop


The Indonesian cybercrime gang Cyber Army has expanded its phishing-as-a-service offering, dubbed 16Shop, enabling users to target PayPal and American Express customers.

This criminal operation was first picked up by McAfee in November 2018 and has primarily targeted Apple owners and Amazon customers for its phishing attacks, but now ZeroFOX’s Alpha Team has proof 16Shop has added PayPal and American Express. This information was obtained from a phishing kit from the gang picked up by Alpha Team researchers, the company said.

The phishing emails are designed to obtain as much PII as possible. The email note itself generally informs the target their account has been breached or compromised in some manner and the alleged company needs to confirm their account details, including login credentials and payment card data.

The kits themselves are designed for non-technical users.

“The goal of phishing kits is to make this experience seamless, so not-so-technical kit operators can deploy phishing pages without needing to understand the underlying protocols behind managing this infrastructure. This kit also merges dashboard functionality regardless of the scam page an operator buys, so the operator gets an integrated experience whether they purchase one or multiple kits,” the company said.


#cybersecurity | #hackerspace | Who Should the CISO Report To in 2020?

The debate over who the CISO should report to is a hot topic among security professionals, and that shows no sign of changing soon. That’s because there is still no standard or clear-cut answer. Ask CISOs themselves for their opinion, and you will get a variety […]

#cybersecurity | hacker | Microsoft warns attackers are exploiting zero day in IE scripting engine


Hackers are actively exploiting a zero day vulnerability in Internet Explorer, prompting a warning from the Department of Homeland Security (DHS) Cybersecurity & Infrastructure Security Agency (CISA).

“Microsoft is aware of limited targeted attacks” exploiting a remote code execution (RCE) vulnerability [CVE-2020-0674] in the scripting engine of Internet Explorer across all versions of Windows that would let a hacker obtain the same rights as the current user, Microsoft warned Friday.

“If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system,” the company said. An attacker could then do things like install programs, manipulate data or even create new accounts to which they’d have full user rights. “In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website, for example, by sending an email,” Microsoft explained.

The CISA warning came on the heels of Microsoft’s advisory. The agency recommended “users and administrators to review Microsoft’s Advisory ADV20001 and CERT/CC’s Vulnerability Note VU#338824 for more information, implement workarounds, and apply updates when available” and urged them to “consider using Microsoft Edge or an alternate browser until patches are made available.”


#cybersecurity | #hackerspace | 2020 And Beyond: Idaptive’s Predictions and Expectations for the New Decade


The close of a year is a natural time for reflection, and when it also means turning the page on a new decade people are inspired to speculate on what the next ten years might hold. At Idaptive, of course, we’ve always got our minds on what’s new, what’s next, and what nascent idea is going to shake up and redefine our industry.

We expect to see so many of the seeds planted over the past few years sprout and bear fruit in the next decade, and old, antiquated systems finally replaced with more efficient, more secure, and more user-friendly ways of operating. Passwords will finally become as obsolete as CD-ROMs, and artificial intelligence, machine learning, and analytics will blossom to make security more nimble, automated and adaptable.

As we welcome in 2020, Idaptive has identified what we believe will be the primary catalysts for life-changing innovation, laying the groundwork for a period in which we collectively learn to think more holistically about digital identity, and come to understand that unchecked trust has no place in our online security.

Prediction: Identity, analytics, and passwords evolve.

Fittingly, for the year 2020, identity and access management will finally begin to feel as advanced and sophisticated as the sci-fi-worthy date suggests. Increased adoption of tools like on-device biometric authenticators and the FIDO2 standard will fold behavior patterns, contextual data, and even user idiosyncrasies into an enhanced authentication system that will eliminate passwords from applications and endpoints. You will be the key that unlocks your devices and apps, and password sharing, resetting, or hacking will be significantly less of a security threat.

Just as passwords will no longer be the dominant access management tool, so, too, will the IT world move towards reducing and even eliminating the concept of policies that govern identity and access management altogether. They will begin to more broadly leverage AI, machine learning, and contextual data of users, locations, and networks to drive more identity use cases in the next three to five years.

We’ve watched carefully over the past few years as point solution vendors have reached scale and become market leaders, thanks to the increased popularity of the cloud and mobile devices. This year we anticipate a consolidation of these point vendors, products, and technologies in the various sub-market segments of identity and access management to produce the next generation identity platform. At the same time, the next several years will see a wider proliferation of use cases related to identity that leverages blockchain technology such as self-sovereign identity for the purpose of identity verification and management, and for managing credentials, consents, and preferences.

Prediction: Zero Trust and multi-cloud environments become commonplace.

As for what we expect to see ripple across the identity and access management industry in the coming decade, it all comes down to Zero Trust.

We see 2020 as the year when investment in Zero Trust technologies (which has been slowly sown over the past few years) begins to bear real fruit. Conventional security systems like firewalls are disappearing, and more and more organizations are adopting technologies that allow them to access on-premises data center resources like apps, servers, and the cloud anytime, from anywhere.

On-premises user directories will be another technology that will find itself phased out and made obsolete in the new year, as more companies shift to the cloud. Being faster, more efficient, and more agile (not to mention more secure) will kick off a swell of momentum around quantum computing. IBM, Google, D-Wave and even AWS will push each other to bring commercial quantum computing to market, and its impact on cybersecurity will rise in line with that conversation.

As we at Idaptive raise a glass to the new year, we prepare for a decade of massive, impactful change in our industry, in technology, and in our collective understanding of all that cybersecurity is and can be. So cheers, and Happy New Year to you and yours! 



#infosec | US Could Appoint a Cybersecurity Leader for Each State


The USA is considering legislation that would protect local governments by requiring the appointment of a cybersecurity leader for each state.

Backers of the Cybersecurity State Coordinator Act of 2020 say the proposed law will improve intelligence sharing between state and federal governments and speed up incident response times in the event of a cyber-attack.

Under the legislation, the director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency would be tasked with appointing an employee of the agency in each state to serve as cybersecurity state coordinator. 

Money to create these positions would come from the federal government, which would be required to ring-fence the necessary funding. 

The role of each state coordinator would be multifaceted, combining elements of training, advisory work, and program development.

Each leader would serve as a principal federal cybersecurity risk advisor, coordinating efforts to prepare for, respond to, and remediate cyber-attacks. Another core responsibility would be to raise awareness of the financial, technical, and operational resources available to nonfederal entities from the federal government.

Coordinators would be expected to support training, exercises, and planning for continuity of operations to expedite as swift a recovery as possible from cybersecurity incidents. Furthermore, they would be called on to assist nonfederal entities in developing and coordinating vulnerability disclosure programs consistent with federal and information security industry standards.

“State, local, Tribal, and territorial entities face a growing threat from advanced persistent threat actors, hostile nation states, criminal groups, and other malicious cyber actors,” reads the bill. “There is an urgent need for greater engagement and expertise from the Federal Government to help these entities build their resilience and defenses.”

The bill, which has attracted bipartisan support, was introduced by Senators Maggie Hassan and Gary Peters and is co-sponsored by Senators John Cornyn of Texas and Rob Portman of Ohio.

Portman said: “This bipartisan bill, which creates a cybersecurity state coordinator position, would help bolster state and local governments’ cybersecurity by facilitating their relationship with the federal government to ensure they know what preventative resources are available to them as well as who to turn to if an attack occurs.”

