Using Hacked LastPass Keys to Steal Cryptocurrency. Hackers broke into LastPass and stole password vaults with encrypted and plaintext data for over 25 million users. They are now using that data to break into crypto wallets and drain them. The hack has resulted in $35 million and counting going into a single wallet. Online password databases are convenient but risky. Password Safe is a local-only alternative. Hashtags: #Cryptocurrency #OperationalSecurity #PasswordSafe #Passwords.
Summary: OpenTitan is an open-source silicon root of trust (S-RoT) project that aims to provide security to devices vulnerable to third-party attacks. Managed by LowRISC, the project has achieved RTL Freeze and plans to release engineering sample silicon by the end of this year. OpenTitan offers transparency and availability, making it suitable for IoT devices and operational technology. The S-RoT can protect against various attacks and threats, and its open-source nature allows for inspection and vulnerability notifications. The risk of compromised devices and the need for security by design are driving the adoption of S-RoT solutions like OpenTitan.
Hashtags: #OpenTitan #SRoT #siliconsecurity #IoTsecurity #operationaltechnology #cybersecurity
https://www.securityweek.com/ot-iot-and-opentitan-an-open-source-silicon-root-of-trust/
Microsoft AI researchers accidentally exposed 38TB of data, including keys, passwords, and internal messages. #Microsoft #DataBreach #AI #Cybersecurity
How Will the Cyber Pathways Impact Your Career? The UK Cyber Security Council is introducing the Cyber Career Framework to standardize the industry. The framework covers 16 career pathways and offers certification at three levels. The aim is to address the skills gap and make it easier for both employers and candidates to navigate the cybersecurity field. The pathways provide detailed information on roles, responsibilities, qualifications, and career progression. However, existing professionals may need to go through a rigorous assessment to achieve certification. The success of the career pathways will depend on their ability to adapt to emerging careers and international standards. #CyberSecurity #CareerPathways #SkillsGap #Certification
https://www.infosecurity-magazine.com/opinions/cyber-pathways-mean-career/
Fraudsters steal over $1m through 'Pig Butchering' crypto scam. Sophisticated operation used fake trading pools to defraud victims. Victims' entire liquidity pools were emptied. Scammers impersonated a decentralized finance provider. "Pig Butchering" scams are growing in prevalence. Be wary of strangers promoting cryptocurrency investments. #crypto #scam #fraud #security
https://www.infosecurity-magazine.com/news/fraudsters-million-three-weeks-pig/
Hackers have released an updated version of the Black Hat AI tool WormGPT V2. The tool raises concerns about the misuse of large language models. WormGPT is an analog of ChatGPT for cybercriminals, allowing them to launch automated attacks like phishing. The developers behind WormGPT V2 claim it is a privacy-focused alternative to GPT with lightning-quick responses and unlimited characters. It is recommended to implement proper training, AI detection tools, email authentication protocols, user training, and robust security solutions. #cyberattack #cybersecurity #cybersecuritynews
10 Best Software Defined Perimeter (SDP) Tools In 2023:
1. Perimeter 81 SDP: Micro-segmentation, zero trust, and secure access.
2. GoodAccess: Network segmentation, zero trust, and threat protection.
3. Twingate SDP: Zero trust orchestration, secure remote access.
4. NetMotion SDP: Digital experience monitoring, VPN functionality.
5. Appgate SDP: Fast, zero trust, and risk-based authentication.
6. Cisco Software-Defined Access (SDA): Endpoint trust analytics, network automation.
7. Wandera SDP: Cloud security, threat prevention, ZTNA.
8. Cloudflare Zero Trust: Granular user authentication, web filtering.
9. Zone Zero: Streamlined access, straightforward deployment.
10. Zscaler: Secure application access, real-time threat identification.
#cybersecurity #networksecurity #SDP #zerotrust #remotework #dataprotection #cloudsecurity #threatprotection #accessmanagement
https://cybersecuritynews.com/software-defined-perimeter-tools/
Google has announced that Chromebooks released from 2021 onwards will receive automatic updates, including security patches, for 10 years. #Google #Chromebooks #AutomaticUpdates
The automatic security update lifecycle will apply to Chromebooks released since 2021, but older devices may also receive extended security updates for 10 years after their release. #Chromebooks #SecurityUpdates
Even after the automatic updates lifecycle ends, Chromebooks will continue to have built-in security features to keep them safe, such as Verified Boot. #Chromebooks #SecurityFeatures
Summary:
1. Akira ransomware targets Cisco VPNs without MFA, raising concerns about remote access security.
2. Weaponized Telegram mods pose risks as threat actors sell their versions.
3. Loda malware is a remote access trojan that steals sensitive information.
4. Sri Lanka government offices suffer a massive ransomware attack.
5. OriginBotnet attack delivers malware through a malicious Word document.
6. APT36 uses customized malware for targeted espionage in South Asia.
7. UNC3944 employs phone-based social engineering and SMS phishing attacks.
8. Hive0117 group launches phishing campaign targeting industries in Russia and neighboring countries.
9. Gamaredon group distributes malware disguised as MS Word documents via spear phishing.
10. Ballistic Bobcat APT group deploys the Sponsor backdoor for cyber espionage.
11. Windows Arbitrary File Deletion vulnerability can be used for full system compromise.
12. Free Download Manager for Linux is weaponized by threat actors to steal data and passwords.
13. MrTonyScam botnet orchestrates a massive Messenger phishing campaign on Facebook.
14. Storm-0324 threat actor uses Microsoft Teams for phishing emails to attack organizations.
15. 3AM ransomware surfaces and encrypts files in a limited manner.
16. Memory corruption flaws in the ncurses library allow threat actors to gain escalated privileges.
17. Proton Mail vulnerabilities jeopardize user privacy and confidentiality.
18. Chrome and Adobe release security updates to patch critical vulnerabilities.
19. Kubernetes, GitHub, and Mozilla face critical vulnerabilities.
20. Notepad++ and Trellix address vulnerabilities in their software.
21. Windows 11 and Azure HDInsight have code execution and XSS vulnerabilities.
22. Research papers highlight the challenges in detecting malicious HTTP traffic.
Hashtags:
#CyberSecurity #Threats #Vulnerabilities #Ransomware #Malware #Phishing #APTs #RemoteAccess #DataBreach #ZeroDay #SoftwareSecurity #Privacy #ChromeUpdate #AdobePatch #MicrosoftTeams #Windows11Vulnerability #XSS #SecurityUpdate
https://cybersecuritynews.com/threat-vulnerability-roundup-september/
#facialrecognition #technology #biometrics #identification #socialimplications #automatedtechnology
https://www.schneier.com/blog/archives/2023/09/on-technologies-for-automatic-facial-recognition.html
#BeyondFear #Security #RiskAssessment #Threats #Privacy #Freedom #SocialImpact #SecurityTheater #Flexibility #EmpiricalAnalysis #ProportionalResponses #Openness #Transparency #CivilLiberties #Ethics #UtilitarianEthics #IndividualAutonomy #PrivacyRights #Justice #Fairness #Accountability #HonestRepresentation #Integrity #Criticism #RealThreats #TheoreticalApproach #NoEasyAnswers #ConflictingValues #PoliticallyNaive #HindsightBias #Psychology #TechnicalFocus
https://www.schneier.com/blog/archives/2023/09/llm-summary-of-my-book-beyond-fear.html
Cleaning Squid - Two links on how to properly clean squid. #Squid #Cleaning
https://www.schneier.com/blog/archives/2023/09/friday-squid-blogging-cleaning-squid.html
California settles with Google over location privacy practices for $93 million. #California #Google #privacysettlement #locationprivacy
The settlement follows a previous settlement of $391.5 million with 40 states, resolving an investigation into Google's tracking of users' locations. #Google #settlement #locationtracking
California Attorney General Rob Bonta holds Google accountable for misleading users about location tracking practices. #Californiaattorneygeneral #locationtracking
Google agrees to provide more transparency about location tracking and disclose the use of location information for ad personalization. #transparency #locationtracking #adpersonalization
The settlement is based on outdated product policies that Google claims to have changed. #outdatedpolicies #Google
(Source: SecurityWeek)
1. The Pentagon has published its 2023 Cyber Strategy, focusing on helping allies and defending the nation and its critical infrastructure.
2. The strategy includes boosting cyber capabilities of partners, increasing collective resilience, and augmenting cybersecurity infrastructure.
3. Defense efforts involve disrupting and degrading threat actors' capabilities and infrastructure.
4. The Pentagon aims to secure the DoD information network and leverage cyberspace operations for advantages.
5. The strategy emphasizes optimizing cyberspace operations forces, fostering a culture of cybersecurity, and investing in personnel education and training.
6. The DoD launched the 'Hack the Pentagon' website to support bug bounty programs and recruit security researchers.
7. The strategy recognizes malicious cyber activities by China and Russia to counter U.S. military power.
Hashtags: #Pentagon #CyberStrategy #Allies #Cybersecurity #Defense #InformationNetwork #CyberspaceOperations #HackThePentagon #China #Russia
https://www.securityweek.com/pentagons-2023-cyber-strategy-focuses-on-helping-allies/
Extradited Russian hacker Dariy Pankov pleads guilty to computer fraud, faces up to five years in federal prison. #RussianHacker #Cybercrime #NLBrute #GuiltyPlea
https://www.securityweek.com/extradited-russian-hacker-behind-nlbrute-malware-pleads-guilty/
Security by Design and Security by Default are crucial in the face of a tumultuous geo-political landscape and increasing reliance on digital services. IT suppliers need to be challenged to improve their security practices. Organizations should prioritize security and align it with their business strategy. Procurement processes and legal contracts should be re-engineered to prioritize secure by design and security by default approaches. Liability and penalty clauses should be introduced to hold IT vendors accountable for security costs. Collective action across industries and governments can drive change in IT suppliers. #ITsecurity #securitybydesign #securitybydefault #cybersecurity #ITvendors
https://www.infosecurity-magazine.com/opinions/demanding-it-security-design/
China's malicious cyber activity informs its preparations for potential military conflict with the US, according to a new Pentagon report. The report highlights China's engagement in cyber espionage, theft, and compromise against US critical infrastructure. It also notes that in the event of war, China is likely to launch destructive cyber-attacks against the US to hinder mobilization and sow chaos. Other threats mentioned in the report include North Korea, Iran, and financially-motivated transnational criminal organizations. The report outlines four strategies to address these threats, including defending the nation, preparing for war, protecting the cyber domain with allies, and building enduring advantages in cyberspace.
#China #cybersecurity #US #military #cyberattacks #threats #defense #cyberespionage #criticalinfrastructure #internationalrelations #nationalsecurity
https://www.infosecurity-magazine.com/news/china-cyber-activity-war-prep/
Cloud to Blame for Almost all Security Vulnerabilities
#CloudSecurity #Vulnerabilities #Cybersecurity
80.3% of security vulnerabilities come from a cloud environment.
#SecurityFlaws #CloudEnvironment
Most common cloud security flaws include web framework takeover, remote access services, and IT security and networking infrastructure.
#WebFramework #RemoteAccess #ITSecurity
Constant changes in cloud offerings impact end-users' exposure.
#CloudOfferings #Exposure
45% of high-risk, cloud-hosted exposures are observed on new services.
#HighRiskExposures #NewServices
Over 20% of externally accessible cloud services change monthly.
#CloudServiceChanges
Transport & logistics and insurance & financial sectors experience high volatility in cloud offerings.
#TransportLogistics #InsuranceFinancial
Organizations should implement attack surface management to discover, prioritize, and remediate exposures.
#AttackSurfaceManagement #ExposureRemediation
Mitigation recommendations include maintaining real-time understanding of internet-accessible assets, updating cloud configurations, and fostering collaboration between security and DevOps teams.
#AssetManagement #CloudConfigurations #Collaboration
https://www.infosecurity-magazine.com/news/cloud-blame-almost-all-security/
Hackers Acquire Corporate Logins From SMS Phishing And Support Desk Calls. UNC3944, a financially driven threat group, targets various businesses for data theft and extortion. They use social engineering, SMS phishing, and proxy services to gain access to victims. The attackers focus on privileged access management systems and employ aggressive communication techniques. Recommendations include enforcing Microsoft Authenticator and creating a Conditional Access Policy for external access. #cybersecurity #news #SMSPhishing
https://cybersecuritynews.com/unc3944-hackers-acquire-corporate-logins/
Massive DDoS attack at 633.7 Gbps combined ACK, PUSH, RESET, and SYN packets.
Top malicious traffic sources: Bulgaria, Brazil, China, India, United States, Thailand, Russia, Ukraine, Vietnam, Japan.
DDoS attacks on financial services have surged to over 30% since 2021.
Recent DDoS attack targeted a major US-based financial institution's primary web page.
Recommendations for DDoS defense: adopt CISA recommendations, establish continuous DDoS security controls, enhance security with advanced network cloud firewall, form a proactive crisis team.
#DDoS #CyberAttack #CyberSecurity