from

now browsing by tag

 
 

CISO Resigns From Pete Buttigieg Presidential Campaign

Source: National Cyber Security – Produced By Gregory Evans Enterprise VulnerabilitiesFrom DHS/US-CERT’s National Vulnerability Database CVE-2019-15625PUBLISHED: 2020-01-18 A memory usage vulnerability exists in Trend Micro Password Manager 3.8 that could allow an attacker with access and permissions to the victim’s memory processes to extract sensitive information. CVE-2019-19696PUBLISHED: 2020-01-18 A RootCA vulnerability found in Trend […] View full post on AmIHackerProof.com

#deepweb | Criminals using ‘Frankenstein identities’ to steal from banks

Source: National Cyber Security – Produced By Gregory Evans It started out like any other online loan. Notre Dame Federal Credit Union reviewed the application. It did the necessary background checks, and authenticated the applicant’s credit score and background. But it wasn’t until a group of borrowers in Missouri abruptly stopped making payments that the […] View full post on AmIHackerProof.com

#cybersecurity | #hackerspace | Malicious npm package exfiltrating data from UNIX systems

Source: National Cyber Security – Produced By Gregory Evans

A
malicious JavaScript package was uploaded Dec. 30 2019 on the Node Package
Manager (npm), the world’s largest software registry, containing over 800,000
code packages that developers use to write JavaScript applications.

The
package, identified as 1337qq-js, was
spotted stealing sensitive data through install scrips of Unix Systems. It
marks the sixth-known incident to strike the npm repository in the past three
years.

According
to the analysis by the npm team, only Unix Systems are targeted, and the data
it collects includes running processes, environment variables, uname
–a, npmrc file and /etc/hosts.

So
how can this malicious package affect its users? Well, some sensitive
information such as hard-coded passwords and API access tokens are sometimes
stored as environment variables in JavaScript web or mobile apps.

In recent
years, similar security breaches have made it on the npm repository index. Most
notably, in April 2017, npm was hit with the upload of 38 malicious 
libraries configured to steal environment details from projects
that used them.

Luckily,
the malicious package was successfully removed from the npm website after a
two-week shelf life.

The
npm repository for 
1337qq-js now
reads: “This package name is not currently in use, but was formerly occupied by
another package. To avoid malicious use, npm is hanging on to the package name,
but loosely, and we’ll probably give it to you if you want it.”

As
a security measure, developers who downloaded or used the malicious JavaScript
package are urged to remove it from their systems and reset any compromised
passwords or credentials.

*** This is a Security Bloggers Network syndicated blog from HOTforSecurity authored by Alina Bizga. Read the original post at: https://hotforsecurity.bitdefender.com/blog/malicious-npm-package-exfiltrating-data-from-unix-systems-22041.html

Source link

The post #cybersecurity | #hackerspace |<p> Malicious npm package exfiltrating data from UNIX systems <p> appeared first on National Cyber Security.

View full post on National Cyber Security

#comptia | #ransomware | Rancocas Valley High School students blocked from social media, but can stream music video – News – Burlington County Times

Source: National Cyber Security – Produced By Gregory Evans

Federal law requires schools to protect students from inappropriate content. Schools have different standards on what to block, records show.

MOUNT HOLLY — Facebook, Snapchat and Twitter are off-limits.

Apple TV, Amazon Prime and Hulu video are just fine.

At Rancocas Valley Regional High School, cybersecurity systems are set to block student access to social media but allow teens to stream music and video on classroom devices, according to records released after a legal appeal to the New Jersey Government Records Council.

Beginning Nov. 8, this news organization filed open records requests with all Burlington County school districts.

Four months later, on Jan. 10, district officials released the requested information while apologizing for the delay.

“I reviewed the District’s initial response which did not include all of the documents I advised them to produce,” said George M. Morris, attorney for the school district. “Not sure where there was a breakdown in communication.”

Public schools are required by federal law to protect students from inappropriate content.

The information released by area schools districts shows that they have different standards for filtering content, protecting students and staff as well as the equipment financed by taxpayers.

In October, Cherry Hill School District in Camden County discovered some of its computer systems had been locked down and some district computer screens displayed the word “Ryuk,” a term associated with ransomware attacks.

Rancocas Valley is home to some 2,100 students from Eastampton, Hainesport , Lumberton, Mount Holly and Westampton.

In addition to streaming audio and video, Rancocas Valley students are allowed to access shopping, news and media, sports and travel websites, records show. A long list of blocked content includes dating, gambling, pornographic materials, sex education, tobacco, “sports hunting” and “war games.”

So far, records were provided by Bordentown Regional, Burlington City, Burlington Township, Cinnaminson, Delanco, Eastampton, Florence, Lenape Regional, Lumberton, Maple Shade, Medford, Moorestown, Mount Laurel, North Hanover, Palmyra, Riverside, Riverton, Shamong, Southampton, Springfield and Westampton.

Similar records requests are pending with Beverly City, Chesterfield, Edgewater Park, Evesham, Mansfield, the Northern Burlington County Regional School District and Willingboro schools.

Appeals have been filed with the New Jersey Government Records Council.

Under New Jersey’s Open Public Records Act, government agency must respond within seven days after receiving a request. Government agencies “must ordinarily grant immediate access to budgets, bills, vouchers, contracts,” according to the records council.

Source link

The post #comptia | #ransomware | Rancocas Valley High School students blocked from social media, but can stream music video – News – Burlington County Times appeared first on National Cyber Security.

View full post on National Cyber Security

#cybersecurity | #hackerspace | Less than 10% of enterprise email domains are protected from spoofing — is yours?

Source: National Cyber Security – Produced By Gregory Evans Flaws in email security are among the leading causes of cybersecurity incidents for many organizations. Whether it’s ransomware, business email compromise (BEC) attacks, or a spear-phishing email that leads to cyber criminals gaining access to sensitive data, email is the common denominator. While there are many […] View full post on AmIHackerProof.com

#infosec | US Braced for Cyber Retaliation from Iran

Source: National Cyber Security – Produced By Gregory Evans

The US government has echoed concerns from the cybersecurity industry that Iranian state hackers could respond to the assassination of a top Tehran general with attacks on US critical infrastructure (CNI).

Widely considered the second most powerful man in Iran, Qassem Suleimani was killed by a US drone strike in Baghdad on Friday.

Military and political leaders in the country have warned of retribution, while signs posted along the vast funeral procession today are reported to have read: “Harsh revenge is awaiting.”

The Department for Homeland Security (DHS) has duly issued an alert warning of a terror threat on home soil, although it admitted “at this time we have no information indicating a specific, credible threat to the homeland.”

However, an attack could come with little or no warning, with cyber a likely vector, it said.

“Previous homeland-based plots have included, among other things, scouting and planning against infrastructure targets and cyber-enabled attacks against a range of US- based targets,” the notice continued.

“Iran maintains a robust cyber program and can execute cyber-attacks against the United States. Iran is capable, at a minimum, of carrying out attacks with temporary disruptive effects against critical infrastructure in the United States.”

On Saturday, the website of the government-run American Federal Depository Library Program (FDLP) was defaced with an image of a bloodied Donald Trump. Industry experts believe things could escalate even further.

John Hultquist, director of intelligence analysis at FireEye, warned of an uptick in cyber-espionage against government entities, designed to give Tehran a geopolitical advantage, and destructive attacks on CNI.

“Iran has leveraged wiper malware in destructive attacks on several occasions in recent years. Though, for the most part, these incidents did not affect the most sensitive industrial control systems, they did result in serious disruptions to operations,” he added.

“We are concerned that attempts by Iranian actors to gain access to industrial control system software providers could be leveraged to gain widespread access to critical infrastructure simultaneously. In the past, subverting the supply chain has been the means to prolific deployment of destructive malware by Russian and North Korean actors.”

____________________________________________________________________________________________________________________

#infosec #itsecurity #hacking #hacker #computerhacker #blackhat #ceh #ransomeware #maleware #ncs #nationalcybersecurityuniversity #defcon #ceh #cissp #computers #cybercrime #cybercrimes #technology #jobs #itjobs #gregorydevans #ncs #ncsv #certifiedcybercrimeconsultant #privateinvestigators #hackerspace #nationalcybersecurityawarenessmonth #hak5 #nsa #computersecurity #deepweb #nsa #cia #internationalcybersecurity #internationalcybersecurityconference #iossecurity #androidsecurity #macsecurity #windowssecurity
____________________________________________________________________________________________________________________

Source link

The post #infosec | US Braced for Cyber Retaliation from Iran appeared first on National Cyber Security.

View full post on National Cyber Security

#cybersecurity | #hackerspace | Tech Lessons From Star Wars Movies

Source: National Cyber Security – Produced By Gregory Evans My family recently saw “Star Wars: The Rise of Skywalker” in a local movie theater, and we were not disappointed. The characters, action, plot, and almost everything else we experienced, met or exceeded our high expectations. As we were leaving the theater, almost everyone had an […] View full post on AmIHackerProof.com

#deepweb | Israeli Prime Minister Netanyahu seeks immunity from prosecution

Source: National Cyber Security – Produced By Gregory Evans   Israeli Prime Minister Netanyahu seeks immunity from prosecution By Jean Shaoul 4 January 2020 Prime Minister Benjamin Netanyahu has announced that he will officially request that the Knesset (parliament) grant him immunity from prosecution in the three corruption cases he faces, a move aimed at […] View full post on AmIHackerProof.com

#hacking | 5 Key Security Lessons From The Cloud Hopper Mega Hack

Source: National Cyber Security – Produced By Gregory Evans US Department of Homeland Security building, Washington DC AFP via Getty Images In December 2019, the U.S. government issued indictments against two Chinese hackers who were allegedly involved in a multi-year effort to penetrate the systems of companies managing data and applications for customers via the […] View full post on AmIHackerProof.com

#cybersecurity | #hackerspace | The Top 10 State of Security Blog Posts from 2019

Source: National Cyber Security – Produced By Gregory Evans

It’s been another fantastic year on The State of Security blog. With over 350 blogs published from all walks of the security community, we like to think of the blog as more of an industry resource that caters to not only experienced security professionals but also to those who are new to the community.

To finish the year off, I wanted to look back on some of my personal favorites. I’ve tried to include a mixture of different styles, topics and authors. If you haven’t already, have a read of the 10 State of Security blog posts below and sign up to our daily feed here.

BlueKeep (CVE- 2019-0708) was big news in 2019. The vulnerability was described as “wormable” by Microsoft, and users were warned that BlueKeep might be exploited in a similar fashion to how the WannaCry ransomware used the Eternal Blue vulnerability to spread widely in 2017. As with WannaCry, many organizations were vulnerable to this exploit, especially those who use operating systems like Windows XP. In this blog, ICS security expert, Gary DiFazio looks at the impact this vulnerability has on the ICS environment and provides some tips to help users stay secure.

Read the full blog here.


 

 

 

It’s almost 2020, and phishing attacks still don’t show any sign of slowing down. In this blog, David Bisson looks at six of the most common methods of phishing attacks and then provides useful tips for readers on how they can protect themselves. Also, this blog is complemented by some great graphics to share with your colleagues, family and friends.

Read the full blog on the (Read more…)

Source link

The post #cybersecurity | #hackerspace |<p> The Top 10 State of Security Blog Posts from 2019 <p> appeared first on National Cyber Security.

View full post on National Cyber Security