Senators demand probe into SEC hack after Bitcoin price spike. SEC's Twitter account was compromised and hackers posted a fake announcement regarding the approval of Bitcoin exchange-traded funds. Senators criticize SEC for failing to secure social media accounts using industry best practices. SEC urged to investigate cybersecurity practices and address security gaps. SEC given deadline of February 12 to provide an update on the investigation. #SEC #hack #Bitcoin #cybersecurity
https://www.infosecurity-magazine.com/news/senators-probe-sec-hack-bitcoin/
Researchers have found a significant increase in global botnet activity between December 2023 and January 2024. The surge in activity reached over one million devices. The heightened activity persisted into the new year, with spikes exceeding one million devices each day. The surge originated from five key countries: the United States, China, Vietnam, Taiwan, and Russia. The botnets focused on scanning global internet ports, particularly ports 80, 443, 3389, 5060, 6881, 8000, 8080, 8081, 808, and 8888. The use of cheap or free cloud and hosting servers contributed to the rise of these botnets. #research #botnet #cybersecurity
https://www.infosecurity-magazine.com/news/hundredfold-surge-global-botnet/
1. APT hackers are using GitHub to deliver malware payloads and exploit vulnerabilities.
2. Over 94 million people use GitHub for coding collaboration.
3. Threat actors exploit GitHub for payload delivery, data access, C2, and exfiltration.
4. Fake repositories and repository poisoning are used to take advantage of GitHub.
5. GitHub Pages are abused for phishing and traffic redirection.
6. Developers should enhance visibility, maintain up-to-date asset inventory, and implement adaptive security policies.
7. Protecting GitHub accounts and engaging with GitHub to counter malicious activities is recommended.
8. The abuse of GitHub remains attractive to threat actors due to its versatile services and seamless integration.
9. Cost-effective penetration testing services are available for assessing digital systems.
Hashtags: #GitHub #Malware #Cybersecurity #ThreatActors #Vulnerabilities #PayloadDelivery #DataAccess #C2 #Exfiltration #Phishing #SecurityPolicies #PenetrationTesting
https://cybersecuritynews.com/living-off-trusted-sites-lots-apt-hackers/
Juniper Networks has patched over 100 vulnerabilities, including a critical flaw allowing remote code execution in their firewalls and switches. The vulnerabilities can lead to denial-of-service attacks and unauthorized access. #JuniperNetworks #Cybersecurity #CodeExecution #Vulnerabilities #Patch
HelloFresh has been fined £140K for sending 80 million spam messages. #HelloFresh #spam #fine
The Information Commissioner’s Office (ICO) issued the penalty after an investigation. #ICO #investigation
HelloFresh breached regulation 22 of the Privacy and Electronic Communications Regulations 2003 (PECR). #privacy #regulations
The company sent 79 million spam emails and one million spam texts in just seven months. #spam #emails #texts
Recipients did not give proper informed consent for receiving the messages. #consent #spam
Customers were not adequately informed about the use of their data for marketing after canceling their subscriptions. #data #marketing
Head of investigations, Andy Curry, called it a clear breach of trust by HelloFresh. #breachoftrust
The ICO has fined companies responsible for nuisance calls, texts, and emails over £2.4m since April 2023. #fines #nuisancecalls
https://www.infosecurity-magazine.com/news/hellofresh-fined-140k-80-million/
Summary:
1. Zero Trust is a security framework that requires authentication, authorization, and constant validation.
2. Top 10 Zero Trust Security Vendors: Perimeter 81, CrowdStrike Zero Trust, Cisco Zero Trust Platform, Palo Alto Zero Trust, Twingate, Forcepoint Zero Trust, Akamai Intelligent Edge, Illumio Core, ThreatLocker, Okta's Zero Trust.
3. Zero Trust implementation best practices include explicit verification, least privilege access, assuming breach, microsegmentation, multi-factor authentication, continuous monitoring, extending security principles to the entire ecosystem, employee education, automated policy enforcement, and regular audits and compliance checks.
Hashtags: #ZeroTrustSecurity #CyberSecurity #DataProtection #NetworkSecurity #Authentication #AuthorizedAccess #LeastPrivilege #ContinuousMonitoring #Microsegmentation #MultifactorAuthentication #AutomatedSecurity #ComplianceChecks
Upcoming Speaking Engagements: Bruce Schneier will speak at the International PolCampaigns Expo (IPE24) in Cape Town, South Africa on January 25-26, 2024.
Hashtags: #SpeakingEngagements #SchneieronSecurity
https://www.schneier.com/blog/archives/2024/01/upcoming-speaking-engagements-33.html
#GiantSquid #Newfoundland #1800s #SchneieronSecurity #photos #squid
ISO 27001 and ISO 27002 are international standards for managing information security within an organization. They provide a framework for identifying, implementing, and improving security measures. ISO 27001 focuses on establishing an Information Security Management System (ISMS) while ISO 27002 delves into specific controls. Implementing these standards brings benefits such as risk management, compliance, stakeholder confidence, and continual improvement. The key considerations include management support, risk assessment, scope definition, legal compliance, security controls, training, documentation, audits, and continuous improvement. ISO 27001 and ISO 27002 help manage IT security through risk assessment, establishing an ISMS, continuous improvement, compliance, best practice guidelines, control selection, and security awareness. #ISO27001 #ISO27002 #informationsecurity #ISMS #riskmanagement #compliance #securitycontrols #continuousimprovement #ITsecurity
IoT devices lack software liability for cyberattacks on users and third parties. Users have legal protection, but third-party victims need a pathway for redress. Recent court judgments in the UK and Ireland allow third-party victims to pursue negligence claims against smart device manufacturers. #IoT #SoftwareLiability #Cyberattack #DataProtection
https://www.schneier.com/blog/archives/2024/01/on-iot-devices-and-software-liability.html
1. WEF publishes cybersecurity report with unsurprising findings. #cybersecurity #WEF #report #cyberinsurance
2. KyberSlash vulnerability in the Kyber KEM algorithm. #cybersecurity #KyberSlash #vulnerability #cryptography
3. Self-spreading Mirai-based NoaBot botnet discovered. #cybersecurity #botnet #NoaBot #Mirai
4. Iranian APT targets Albania in wiper attack. #cybersecurity #Iran #APT #wiperattack #Albania
5. North Korean hackers stole $600 million in cryptocurrency in 2023. #cybersecurity #hacking #NorthKorea #cryptocurrency
6. Paladin Global Institute launched to protect critical infrastructure. #cybersecurity #PaladinGlobalInstitute #criticalinfrastructure
7. ZDI disclosed 1,900 vulnerabilities in 2023. #cybersecurity #vulnerabilities #ZDI
8. Cloudflare publishes DDoS and API security reports. #cybersecurity #Cloudflare #DDoS #API
9. OpenSSL, Chrome, Fortinet, Juniper patches released. #cybersecurity #OpenSSL #Chrome #Fortinet #Juniper
10. Vulnerabilities found in medical devices, smart home products, and IT management software. #cybersecurity #vulnerabilities #medicaldevices #smarthome #ITsoftware
Summary:
Laptop maker Framework has experienced a data breach at its external accounting partner, resulting in the theft of customer data. The breach occurred due to a phishing attack targeting an employee at Keating Consulting. The attackers requested accounts receivable information and obtained a spreadsheet containing the names, email addresses, and balance owed of certain customers. Framework has notified impacted individuals and is auditing the procedures and training of consultants with access to customer information. Users are urged to remain vigilant against phishing attempts.
Hashtags:
#DataBreach #PhishingAttack #CustomerDataStolen #Framework #KeatingConsulting #Vigilance
https://www.securityweek.com/laptop-maker-framework-says-customer-data-stolen-in-third-party-breach/
Summary: Brad Arkin, a veteran cybersecurity leader, has left Cisco to join Salesforce as the SVP and Chief Trust Officer. He will be responsible for building confidence around the company's use of customer data. Arkin is well recognized for his previous work as Chief Security Officer at Adobe.
Hashtags: #BradArkin #Salesforce #ChiefTrustOfficer #Cybersecurity #CustomerData
https://www.securityweek.com/brad-arkin-is-new-chief-trust-officer-at-salesforce/
The exploitation of cloud services in global conflicts is a growing issue, with popular apps like Microsoft OneDrive being used for malicious purposes. State-sponsored threat actors, such as APT29, are taking advantage of cloud services like OneDrive and Dropbox for their command and control infrastructure. These services offer simplicity, flexibility, and established trust, making it easier to launch attacks and evade network security defenses. Recent campaigns have targeted foreign embassies and government entities in Europe with an interest in Ukraine. A new malware variant called GraphicalProton, which uses the Microsoft OneDrive and Dropbox APIs, has been utilized. Another threat group linked to the Russo-Ukrainian conflict has developed a malware framework called CommonMagic, also leveraging OneDrive and Dropbox for its command and control infrastructure. A separate APT group operating out of Ukraine has deployed the CloudWizard malware framework, which exploits not only OneDrive and Dropbox but also Google Drive. Organizations must adopt a new security posture to protect against the exploitation of cloud applications. This includes educating users on responsible use, inspecting all HTTP/HTTPS downloads, configuring policies to reduce risk, and ensuring all security defenses work together. The rise of state-sponsored actors using cloud services should serve as a warning for users to be vigilant in their digital interactions. #cloudsecurity #cyberthreats #stateactors #OneDrive #Dropbox
https://www.infosecurity-magazine.com/blogs/battling-exploitation-cloud/
Phishing scams exploit employee desires and promises of benefits. HR-related phishing emails use lures like pay raises and promotions. A consistent HR schedule is recommended. #phishingscams #HRthreats
https://www.infosecurity-magazine.com/news/pay-raise-cofense-hr-scams-report/
CISA urges critical infrastructure to patch urgent ICS vulnerabilities. Hashtags: #Cybersecurity #Infrastructure #Patch #Vulnerabilities #ICS
https://www.infosecurity-magazine.com/news/cisa-critical-infrastructure-patch/
Human error and insider actions are responsible for most data breaches in UK law firms, according to data from the Information Commissioner's Office (ICO). Over 4.2 million people were affected by these breaches, with basic personal information being the most commonly breached data. Other types of breached data included economic and financial data, health data, and official documents. The causes of breaches included human error, sharing data with the wrong person, phishing and ransomware attacks, and data loss. Law firms must be vigilant and implement robust cybersecurity measures to protect against these breaches. #DataBreaches #UKLawFirms #Cybersecurity
https://www.infosecurity-magazine.com/news/insiders-expose-millions-uk-law/
Microsoft Patch Tuesday 2024: 49 Vulnerabilities fixed
#Microsoft #PatchTuesday #Vulnerabilities #Cybersecurity #Security
https://cybersecuritynews.com/microsoft-patch-2024-addresses-49-vulnerabilities/
Hackers are impersonating security researchers to gain access to sensitive information and manipulate their victims. Posing as legitimate researchers, they offer to help ransomware victims by hacking the original ransomware group's servers, and they extort the victims again by promising to delete the stolen data. Two cases have been identified, in which the hackers pretended to be the Ethical Side Group and xanonymoux. Future attacks are possible due to unresolved security concerns. The hackers demand a low ransom and use file.io to prove access to victim data. It is believed that a single threat actor is targeting organizations affected by Royal and Akira ransomware attacks.
https://cybersecuritynews.com/hackers-impersonating-as-security-researcher/
Summary: 22-year-old hacker from ShinyHunters Group arrested for hacking 60+ organizations. French citizen Sebastien Raoult sentenced to 3 years in prison and ordered to pay $5 million in restitution. Raoult targeted businesses worldwide, stole confidential information, and sold it on the dark web. Millions of individuals were put at risk of identity theft and financial fraud. FBI spearheaded the investigation. #ShinyHunters #HackerArrest #DataBreach #CyberCrime
https://cybersecuritynews.com/hacker-from-shinyhunters-group/