Herjan Security
Nostrop stream of GenAI news and updates

Summary:

1. Decoupling allows for the separation of private data in cloud services, enhancing security and privacy.

2. Data in motion, data at rest, and data in use should all be decoupled to minimize risk.

3. Organizational and functional decoupling are key to protecting data from potential threats.

4. Verification of proper decoupling is crucial, similar to ensuring proper encryption.

5. Cloud services pose challenges to security and insider trading prevention regulations.

Hashtags:

#DecouplingForSecurity

#CloudSecurity

#PrivacyProtection

#DataDecoupling

#InsiderTradingPrevention

https://www.schneier.com/blog/archives/2023/11/decoupling-for-security.html

Summary:

DHS launches Shields Ready campaign to promote security and resilience for critical infrastructure organizations. The campaign focuses on cyberattacks, physical threats, and natural disasters. It encourages organizations to strengthen resilience and be prepared for potential disruptions by identifying critical assets, assessing risks, and developing strategic risk management plans. CISA offers resources for emergency managers to plan for and respond to cyber incidents.

Hashtags:

#DHS #CriticalInfrastructure #Security #Resilience #Cybersecurity #ShieldsReady

https://www.securityweek.com/dhs-launches-new-critical-infrastructure-security-and-resilience-campaign/

GitHub has enhanced its security capabilities with AI-powered features. These features include code scanning with autofix capability, secret scanning with custom patterns, and an updated security overview dashboard. #GitHub #AI #Security

Generative AI projects are becoming more popular on GitHub, with a significant increase in the number of projects in 2023. Developers are using pre-trained models and APIs to create generative AI-powered applications. #GenerativeAI #OpenSource #GitHub

GitHub Copilot, the AI developer tool, will be adopting LLMs to help developers identify errors and debug code. Copilot Chat will be available in December 2023, offering AI-powered assistance to subscribers. #GitHubCopilot #LLMs #AI

https://www.securityweek.com/github-enhances-security-capabilities-with-ai/

Protecto, a Silicon Valley startup, joins the AI data protection space. #AI #DataProtection #Startups

Protecto secures corporate AI deployments with easy-to-use APIs. #AI #DataProtection #API

The startup attracts $4 million in seed-stage capital led by the Together Fund. #Funding

Protecto's technology masks sensitive personal data while preserving its format and meaning for accurate AI results. #Privacy #AI

Investors are pouring cash into AI security companies like HiddenLayer and CalypsoAI. #Investment #AI #Security

Microsoft debuts an AI-powered security analysis tool for incident response and threat hunting. #Microsoft #SecurityAnalysis #AI

OpenAI releases a business edition of ChatGPT with enterprise-grade security. #OpenAI #ChatGPT #AIsecurity

https://www.securityweek.com/protecto-joins-cadre-of-startups-in-ai-data-protection-space/

FBI warns of ransomware attacks on third-party vendors and services. Two emerging techniques include exploiting vulnerabilities in vendors and targeting legitimate system management tools. FBI recommends cyber incident preparation, identity and access management, protective controls and architecture, and vulnerability and configuration management. #FBI #Ransomware #Cybersecurity #DataProtection

https://www.infosecurity-magazine.com/news/fbi-ransomware-initial-access/

Predator AI is a new Python-based tool that targets cloud services and uses AI technology. It allows for web application attacks and integrates with cloud email services. The tool is distributed through hacking communities on Telegram channels. Organizations can mitigate the risk by maintaining up-to-date systems and using cloud security posture management tools.

https://www.infosecurity-magazine.com/news/predator-chatgpt-integration-risks/

Microsoft Warns of Election Threats in 2024. Authoritarian nation states may interfere with elections using traditional methods and emerging technologies like AI. Microsoft suggests collaboration to safeguard elections. Microsoft introduces initiatives like Content Credentials as a Service, Campaign Success Team, Election Communications Hub, and support for legislative changes. Microsoft empowers voters with authoritative election information. #ElectionThreats #AI #Cybersecurity #SafeguardElections

https://www.infosecurity-magazine.com/news/microsoft-warns-of-election/

Researchers have designed an online system for APT attack detection, called "NODLINK", to cut down on financial harm caused by APTs. Current systems make it difficult for administrators to interpret results due to complex graphs. NODLINK offers real-time detection, quick response, and fewer false positives. It outperforms other systems in detecting attacks with fewer false positives. NODLINK uses a VAE model for terminal detection and is versatile across various operating systems. It offers fine-grained APT detection in real-time and efficiently allocates resources to suspicious events. #APT #Cybersecurity #NODLINK #OnlineDetection

https://cybersecuritynews.com/nodlink/

Crowdsourced Threat Intelligence is a cost-effective way to gather data on cyber threats. It involves collecting and analyzing information from various sources, such as individual researchers and organizations. Crowdsourced threat intelligence offers advantages like wider coverage, faster remediation, and deeper insights into threats. Organizations can use this intelligence to enhance their cybersecurity strategies. #CyberSecurity #ThreatIntelligence #Crowdsourcing #CyberThreats

https://cybersecuritynews.com/crowdsourced-threat-intelligence/

Summary: Cybersecurity plays an essential role in document management, helping organizations protect sensitive data. Document management systems have evolved over time, incorporating artificial intelligence and machine learning. Key concepts in the intersection of cybersecurity and document management include data security, compliance, and risk management. Organizations must understand where their data is stored, what type of data they have, who has access to it, and whether it is properly protected. Best practices for secure document storage and sharing include data classification, collaboration, monitoring and response, policy and compliance, backup and data security, and software and vendor management.

Hashtags: #cybersecurity #documentmanagement #datasecurity #compliance #riskmanagement #dataprotection

https://www.csoonline.com/article/1100998/keep-it-secret-keep-it-safe-the-essential-role-of-cybersecurity-in-document-management.html

Threat Actor Farnetwork has been linked to five ransomware schemes and is currently running another. They have been active since at least 2019 and operate on underground sites under various names. Between 2019 and 2021, they were involved in several RaaS schemes. In 2022, they set up their own RaaS program called Nokoyawa. As of October 2023, there were 35 victims listed on the Nokoyawa leak site.

Hashtags: #Farnetwork #Ransomware #ThreatActor #Nokoyawa #Cybersecurity

https://www.infosecurity-magazine.com/news/threat-actor-farnetwork-five/

Summary:

- Four zero-day vulnerabilities have been identified in Microsoft Exchange, allowing attackers to execute arbitrary code.

- The vulnerabilities have not been assigned CVEs and have severities ranging from 7.1 to 7.5.

- Microsoft has not released patches to fix these vulnerabilities yet.

- The vulnerabilities involve server-side request forgery and the deserialization of untrusted data.

- Microsoft stated that the vulnerabilities were not severe enough to be immediately patched but will be evaluated for future updates.

- The vulnerabilities were discovered by Piotr Bazydlo of the Trend Micro Zero Day Initiative.

Hashtags:

#MicrosoftExchange #ZeroDayVulnerabilities #CyberSecurity #ServerSideRequestForgery #RemoteCodeExecution #DataBreaches #PiotrBazydlo #TrendMicroZDI

https://cybersecuritynews.com/zero-day-bug-in-microsoft-exchange/

#computersecurity #historyofcomputing #historyofsecurity #malware #lessonslearned #cybersecurity

https://www.schneier.com/blog/archives/2023/11/spaf-on-the-morris-worm.html

New MacOS Malware Linked to North Korean Hackers - SecurityWeek

#Malware #Threats #Cyberwarfare #Cybercrime #DataBreaches #Fraud #IdentityTheft #NationState #Ransomware #Vulnerabilities

New macOS malware, ObjCShellz, believed to be used by North Korean hackers, targets crypto exchanges. The malware is part of the RustBucket Campaign and allows attackers to deliver instructions and collect responses on Macs. The C2 server was taken offline, possibly indicating the malware's success or further development. Jamf identifies the group behind the malware as BlueNoroff, a financially motivated subgroup of Lazarus. The hardcoded C2 server and typosquatting suggest a phishing campaign targeting cryptocurrency. Despite the server being offline, the malware should not be ignored.

https://www.securityweek.com/new-macos-malware-linked-to-north-korean-hackers/

Data brokers expose sensitive US military member info to foreign threat actors, according to a Duke University study. The study found that it is easy and inexpensive to acquire military members' information from data brokers. This poses a risk to national security. Lawmakers are recommended to pass a comprehensive privacy law, and the Defense Department should conduct an internal data flow assessment. #DataBrokers #USMilitary #CybersecurityRisk #PrivacyLaw #NationalSecurity

https://www.securityweek.com/data-brokers-expose-sensitive-us-military-member-info-to-foreign-threat-actors-study/

Critical Vulnerabilities Expose Veeam ONE Software to Code Execution.

Hashtags: #CybersecurityNews #ICSConference #Malware #Cyberwarfare #Cybercrime #DataBreaches #Ransomware #Vulnerabilities #ThreatIntelligence #IncidentResponse #ApplicationSecurity #CloudSecurity #EndpointSecurity #IdentityAccess #IoTSecurity #MobileSecurity #NetworkSecurity #CyberInsurance #DataProtection #PrivacyCompliance #SupplyChainSecurity #IndustrialCybersecurity #Funding #MergersAndAcquisitions

https://www.securityweek.com/critical-vulnerabilities-expose-veeam-one-software-to-code-execution/

Summary:

- Security researchers have discovered a new malware variant associated with the BlueNoroff APT group, known for targeting cryptocurrency exchanges.

- The malware, named "ObjCShellz," functions as a remote shell and allows the attacker to have remote control over compromised systems.

- BlueNoroff disguises itself as an investor or headhunter to gain access to its targets.

- The malware communicates with a command-and-control server using a specific URL.

- The malware's functionality suggests it is a late stage of a multi-stage malware delivered via social engineering.

Hashtags:

#BlueNoroff #malware #cryptocurrency #cybersecurity #APT

https://www.infosecurity-magazine.com/news/bluenoroff-malware-targets/

Summary: A variant of the Gootloader malware called GootBot has been discovered by the IBM X-Force team. GootBot is used for lateral movement within infected networks and poses a heightened risk of ransomware attacks. The malware is delivered as a payload following a Gootloader infection and is capable of receiving command-and-control tasks in the form of encrypted PowerShell scripts. GootBot currently maintains zero antivirus detections, making it difficult to detect. Security measures recommended include keeping antivirus software up to date and closely monitoring network traffic and scheduled tasks.

Hashtags: #Gootloader #GootBot #malware #ransomware #cybersecurity

https://www.infosecurity-magazine.com/news/gootbot-heightens-risk-of-post/

Summary:

The Marina Bay Sands luxury complex in Singapore experienced a data breach that affected 665,000 customers. The breach involved unauthorized access to the loyalty program membership data of non-casino customers. Personally identifiable information, such as names, email addresses, and phone numbers, was leaked. The resort has taken steps to resolve the incident and is working with authorities in Singapore and other countries. The incident comes after similar hacks at US resort groups MGM International and Caesars Entertainment.

Hashtags:

#DataBreach #MarinaBaySands #Singapore #CustomerData #PersonalInformation #Cybersecurity

https://www.infosecurity-magazine.com/news/data-breach-singapores-marina-bay/

Hackers have found ways to bypass Android 13's "Restricted Settings" feature, allowing them to drop malware without being caught. This includes the use of SecuriDropper and Zombinder, which distribute various types of malware, including spyware and banking Trojans. The emergence of these tools highlights the challenges faced by organizations and individuals relying on mobile security. It is crucial to stay informed and vigilant, regularly update devices, avoid sideloading applications from untrusted sources, and be cautious of unexpected prompts for sensitive permissions. #Androidsecurity #malwarethreat #mobilesecurity

https://cybersecuritynews.com/hackers-bypass-android-13-restricted-settings/